Back to skill
Skillv1.0.0
VirusTotal security
aws-price-csv · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:09 AM
- Hash
- 48b6d2b12ed5cb45b58a692e0b36d09326e1c0a3a338e5d92fc70e27d6357a8b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: aws-price-csv Version: 1.0.0 The skill is designed to generate AWS pricing reports but contains high-risk capabilities including network access, file system operations, and execution of external commands. Specifically, `scripts/generate_pricing_csv.py` uses `urllib.request.urlopen` to fetch data from the official AWS pricing endpoint (pricing.us-east-1.amazonaws.com), writes to a local cache directory (~/.cache/aws-price-csv), and executes `aws` CLI commands via `subprocess.run`. While these actions are clearly aligned with the tool's stated purpose and no malicious intent or exfiltration logic was identified, the presence of these powerful capabilities qualifies the skill as suspicious under the provided security criteria.
- External report
- View on VirusTotal