Back to skill
Skillv0.1.0
VirusTotal security
WHOOP (Official API) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 6:05 AM
- Hash
- d806bb125b981342ef19f54bafb3df3ce2658f5f4f5b44f59742fee7f334df7b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-slug Version: 0.1.0 The WHOOP skill bundle is a standard and well-implemented API integration. It facilitates OAuth 2.0 authorization, data fetching, and normalization for WHOOP health metrics. The scripts (whoop_fetch.py, whoop_token.py, etc.) use Python's standard library to interact exclusively with official WHOOP endpoints (api.prod.whoop.com), and token storage is handled securely using restricted file permissions (0o600). No evidence of data exfiltration, malicious execution, or prompt injection was found.
- External report
- View on VirusTotal