Back to skill
Skillv1.0.0
VirusTotal security
SwitchBot Smart Home Control · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:28 AM
- Hash
- ce563b80c87f1b71ec01ec6acabe28feb06c855f9030a3a47031368e17847e43
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 1 The skill is designed to control SwitchBot smart home devices via their official Cloud API. It provides clear instructions in SKILL.md for users to obtain and securely store API credentials in `~/.config/switchbot/credentials.json` with appropriate file permissions (chmod 600). The `scripts/switchbot.py` script correctly implements HMAC-SHA256 authentication for API calls to `https://api.switch-bot.com/v1.1` and handles credential loading and API interactions securely. There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts against the agent to perform unauthorized actions. All actions are aligned with the stated purpose of device control.
- External report
- View on VirusTotal