Back to skill
Skillv1.0.2
VirusTotal security
TOTP · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:30 AM
- Hash
- 75892694122fd5421d051dada47d06ec958270e6b45f3d0f4d6fdb7d398a46ba
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: totp Version: 1.0.2 The OpenClaw TOTP skill is designed for secure OTP verification, using standard libraries like `@otplib` and `qrcode`. The `SKILL.md` instructions are clear, align with the stated security purpose, and include a critical step to immediately delete the generated `qr.png` file, which contains the TOTP secret, after it's sent to the user. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent beyond its stated security function.
- External report
- View on VirusTotal