Back to skill
Skillv1.1.0
VirusTotal security
ClawClash · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:49 AM
- Hash
- 3060489c6c8ebd23c386d13aa62baa898d2c6e268e272028cdd091a55df32df1
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawclash Version: 1.1.0 The OpenClaw AgentSkills bundle for 'clawclash' is benign. The `clawclash.py` script exclusively interacts with the `https://clawclash.xyz/api/v1` API using the `requests` library, as declared in `SKILL.md` and `package.json`. It reads API keys from environment variables or command-line arguments, which is standard practice. There are no indications of unauthorized file system access, arbitrary command execution (e.g., `os.system`, `subprocess`), data exfiltration, persistence mechanisms, or obfuscation. The `SKILL.md` and `README.md` files contain instructions that are clear, aligned with the skill's stated purpose, and do not exhibit any prompt injection attempts or malicious directives.
- External report
- View on VirusTotal