Back to skill
Skillv0.1.0
VirusTotal security
YunShi · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:12 AM
- Hash
- 830fb293024c9fafeb3697df1dc1b3cc5044c4070bc993264a68e2174c5b520a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: fortune-oracle Version: 0.1.0 The skill is designed for local, offline fortune-telling. It explicitly forbids network access and arbitrary command execution (e.g., `find`, `ls`, `python3`). File operations are limited to reading specific files (`fortune_rules.md`, `user_chart_profile.md`, `user_chart_profile.json`) within the skill's `{baseDir}` and writing a user profile JSON (`user_chart_profile.json`) to the same directory, conditional on host write permissions. Instructions for 'message sending tools' for scheduled pushes (in SKILL.md) specify using platform-controlled channels (`delivery.channel`, `delivery.to`) and explicitly forbid including system logs or session IDs. All 'taboo warnings' and 'action suggestions' are generated text for the user, not commands for the agent to execute. There is no evidence of intentional malicious behavior or attempts to bypass security controls.
- External report
- View on VirusTotal