Back to skill
Skillv1.0.1
VirusTotal security
Native Stripe · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:22 AM
- Hash
- ac35aabf276079a91b2f077af6be8e8c98318588c40775ce8cc797ed9ee89b16
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: native-stripe Version: 1.0.1 The OpenClaw skill 'native-stripe' is designed to interact with the Stripe API directly. The `SKILL.md` and `README.md` provide clear, non-malicious instructions for the AI agent and user, without any prompt injection attempts. The `stripe_query.py` script uses standard Python libraries (`urllib.request`, `json`, `os`) to make authenticated requests to `https://api.stripe.com/v1`. It correctly retrieves the `STRIPE_SECRET_KEY` from environment variables and uses it for API authentication. All network communication is confined to the official Stripe API endpoint, and there is no evidence of data exfiltration, unauthorized execution, persistence mechanisms, or other malicious intent. Input parameters are handled via `argparse`, limiting the scope for arbitrary command injection.
- External report
- View on VirusTotal