Back to skill
Skillv1.0.2
VirusTotal security
FadNote · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:37 AM
- Hash
- 2df55ec539165b667bafcfae865671f1b64acc9bc93de34ccfb749608b58b5ea
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: fadnote Version: 1.0.2 The OpenClaw FadNote skill is designed to create secure, self-destructing notes using client-side encryption. The `SKILL.md` clearly defines its purpose and usage, instructing the agent to pipe sensitive user input to the `fadnote.js` script for encryption. The `fadnote.js` script correctly implements AES-256-GCM encryption with PBKDF2 key derivation, sending only the encrypted blob to the `FADNOTE_URL` endpoint while keeping the decryption key client-side in the URL fragment. There is no evidence of prompt injection attempts in `SKILL.md`, unauthorized data exfiltration (beyond its stated, encrypted purpose), malicious execution, persistence mechanisms, or obfuscation. The skill's behavior is fully aligned with its stated purpose and cryptographic claims.
- External report
- View on VirusTotal