Back to skill
Skillv0.1.0
VirusTotal security
People Memories · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:09 AM
- Hash
- ca6bf876f1b062eca5cc9622cfced2f77ba399b5c0ac60c41cac53bfa80b09b6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: people-memories Version: 0.1.0 The skill's functionality is clearly aligned with its stated purpose of managing personal notes about people. It uses `node:child_process.execFile` in `extensions/people-memories/index.js` to execute a Python script (`scripts/people_memory.py`), which is a common pattern for integrating multi-language components. The Python script uses `argparse` to safely handle command-line arguments, mitigating command injection risks. File operations are confined to a dedicated database file (`~/.clawdbot/people-memory.json`) and user-specified export paths (e.g., `~/Desktop/alex.md` as shown in `SKILL.md`). There is no evidence of data exfiltration, persistence mechanisms, malicious prompt injection, or obfuscation. The mention of a 'helper cron job' and Telegram delivery in `SKILL.md` describes external integrations, not functionality implemented by the skill itself.
- External report
- View on VirusTotal