Back to skill
Skillv0.1.1
VirusTotal security
Paperbanana · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:58 AM
- Hash
- 2d59fe72c71b3d15068d66d8ad29f0795aacfb926d3d54292677d4d9b616fd42
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-paperbanana Version: 0.1.1 The skill is designed to generate diagrams and plots using external AI providers (Google Gemini, OpenAI, OpenRouter). It transparently discloses that user-provided data (text, images, CSV/JSON) is sent to these third-party APIs, explicitly warning users not to use it with sensitive data. The Python scripts (`evaluate.py`, `generate.py`, `plot.py`) implement this functionality by reading user input files, making API calls, and saving generated images to `/tmp`. Dependencies are managed securely via `uv`, and there is no evidence of prompt injection attempts in `SKILL.md`, hidden malicious code, unauthorized data exfiltration beyond the stated purpose, persistence mechanisms, or obfuscation. The `curl | sh` instruction for `uv` in `README.md` is for user installation, not executed by the agent.
- External report
- View on VirusTotal