Back to skill
Skillv1.0.0
VirusTotal security
FreshBooks CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:30 AM
- Hash
- aa1f5772c0d9e89dbef33e9126e0921061c98e74483c32fde97e812bea74536a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: freshbooks-cli Version: 1.0.0 The skill bundle is designed to manage FreshBooks via a CLI. It installs a third-party npm package (`@haseebuchiha/freshbooks-cli`) from GitHub Package Registry, which is a legitimate hosting option. The `SKILL.md` provides clear instructions for the AI agent on installation, authentication (requiring client ID/secret, which can be read from environment variables), and usage of the FreshBooks CLI. It explicitly mentions storing tokens securely and includes a safety instruction for the agent to confirm with the user before modifying billing data. There is no evidence of intentional harmful behavior, data exfiltration beyond the skill's purpose, or prompt injection attempts to subvert the agent's control.
- External report
- View on VirusTotal