Back to skill
Skillv0.1.7
VirusTotal security
Openclaw Receipt Manager · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:50 AM
- Hash
- 4a5ea700274812260de28630ecb49e35f3e7ff144ad226be209441f01dba3979
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-receipt-manager Version: 0.1.7 The OpenClaw Receipt Manager skill is classified as benign. The Python scripts (`scripts/handler.py` and `scripts/receipt_db.py`) demonstrate robust security practices, including explicit input sanitization (`sanitize_string`, `validate_path`), safe execution of external commands via `subprocess.run` with argument lists (preventing shell injection), and parameterized SQL queries (preventing SQL injection). Crucially, `scripts/receipt_db.py` includes strong path validation and restricts image file operations to the user's home directory, preventing path traversal and unauthorized file access. No evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation was found. The skill's functionality is entirely aligned with its stated purpose of local receipt management.
- External report
- View on VirusTotal