Back to skill
Skillv1.0.0
VirusTotal security
Compress PDF · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:33 AM
- Hash
- ab48b11b8301ea414925a06a668e7e7142c8661b454901b41920e7f680e43533
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: compress-pdf Version: 1.0.0 The skill is designed to compress PDFs by uploading them to a third-party service, polling for completion, and returning a download URL. The `SKILL.md` and `README.md` clearly define the purpose and API interactions. The `scripts/compress-pdf.py` implements this logic using standard Python libraries (`requests`), handling file uploads and HTTP requests as expected. There is no evidence of data exfiltration beyond the stated API interaction, malicious execution, persistence mechanisms, or prompt injection attempts against the agent. The broad `http` and `files` permissions are necessary for the skill's functionality and are used appropriately. The only minor flag is the use of 'XSS' in the service name and domain (`api.xss-cross-service-solutions.com`), which is a common abbreviation for Cross-Site Scripting, but it is presented as a brand name and does not indicate any malicious behavior in the code or instructions.
- External report
- View on VirusTotal