PVPC España
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: pvpc-spain Version: 1.0.0 The skill bundle is benign. All Python scripts are clearly aligned with the stated purpose of querying and optimizing PVPC electricity prices in Spain, using the official public API of ESIOS (Red Eléctrica de España) at `api.esios.ree.es`. The `SKILL.md` documentation provides clear instructions for the AI agent without any evidence of prompt injection attempts, and all commands executed are local Python scripts within the bundle. There is no indication of data exfiltration, malicious execution, persistence, or obfuscation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may run local Python scripts when asked for electricity-price information, but the provided scripts do not show destructive or broad system operations.
The runtime instructions ask the agent/user to run included Python helper scripts. This is central to the stated purpose and the examples are bounded to price lookup/optimization, but it is still local command execution users should notice.
python scripts/get_pvpc.py --now python scripts/find_cheap_ranges.py python scripts/optimize_appliance.py --duration 2 --name lavadora
Use the documented commands and review any changed command arguments before running them.
You have less external context about who maintains the skill, although the artifacts reviewed do not show hidden dependencies or remote install scripts.
The registry metadata does not provide upstream provenance or a homepage. The reviewed code is included and no install-time download is specified, so this is a provenance notice rather than a security concern.
Source: unknown Homepage: none No install spec — this is an instruction-only skill.
If provenance matters, inspect the included scripts or prefer a skill with a public source repository.