Back to skill
Skillv1.0.1
VirusTotal security
QRCode · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:21 AM
- Hash
- 8052f30d4a911465b21f298df1493cbbf94e3407be3b6da4c6dc1f806cbba467
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: qrcode Version: 1.0.1 The OpenClaw AgentSkills 'qrcode' skill is classified as benign. Both the `SKILL.md` instructions and the `scripts/generate.mjs` code demonstrate a strong focus on security. The `SKILL.md` provides clear, non-malicious instructions for the agent, focusing on displaying output and user interaction, with no evidence of prompt injection. The `scripts/generate.mjs` script implements robust security measures, including comprehensive input validation, strict path traversal protection (forcing all outputs to the workspace root via `sanitizeOutputPath`), symlink attack prevention (`safeWriteFile`), resource limits to prevent DoS, and proper XML escaping to prevent SVG injection. There is no evidence of data exfiltration, unauthorized execution, or persistence mechanisms.
- External report
- View on VirusTotal