Back to skill
Skillv0.2.5
VirusTotal security
BotSee · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:15 AM
- Hash
- c5478448f1421f66a37d48b6f30f9f079cd4ce029aa2a3e9bf9feafdd2607936
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: botsee Version: 0.2.5 The OpenClaw AgentSkills skill bundle for BotSee is classified as benign. The Python script (`scripts/botsee.py`) primarily interacts with the `botsee.io` API using `urllib.request` with proper SSL certificate validation. It implements secure handling of API keys by storing them in `~/.botsee/config.json` with strict `0o600` file permissions. Crucially, the `CHANGELOG.md` explicitly notes the removal of a self-update mechanism (mitigating supply chain risk) and a passive API key detection method in `SKILL.md` (addressing a prompt injection vector), demonstrating a strong commitment to security. There is no evidence of arbitrary command execution, data exfiltration beyond the stated purpose, or persistence mechanisms. Minor discrepancies exist between `README.md` and `botsee.py` regarding supported arguments for USDC payment, but these result in the script being less permissive, not more, and do not indicate malicious intent.
- External report
- View on VirusTotal