Back to skill
Skillv1.0.2
VirusTotal security
API Credit Health Bar Lite · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:20 AM
- Hash
- 4537b99d5b3541c06c825ffe7708014197d9087a8ff0e898d61e9ba68e6ea57b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: api-credits-lite Version: 1.0.2 The OpenClaw AgentSkills skill bundle 'api-credits-lite' is classified as benign. All code and documentation align with the stated purpose of tracking and displaying API credit balances. API keys are handled securely by being read from environment variables and not stored on disk. Network requests are limited to official API endpoints (OpenAI, OpenRouter, Vercel) for balance checks, as explicitly detailed in `SECURITY.md`. Input sanitization is present for command-line arguments in scripts like `sync_provider.py` and `topup.py`, preventing shell injection. There is no evidence of data exfiltration, persistence mechanisms, obfuscation, or prompt injection attempts in `SKILL.md` or `README.md`.
- External report
- View on VirusTotal