Back to skill
Skillv1.0.1
VirusTotal security
Ticktick Skill For Power Users · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 9, 2026, 12:36 PM
- Hash
- 28cb657915c4284fbaf6f3b775805f479bb6c61ba97d229a1bc823c312f107d1
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: ticktickpower Version: 1.0.1 The skill bundle provides a functional CLI for managing TickTick tasks and projects using OAuth2. While the 'attach' command requires a sensitive browser session cookie (sessionCookie) to bypass limitations in the official Open API, the code handles this transparently, stores credentials locally in a restricted directory (~/.clawdbot/credentials/ticktick-cli/ with 0600 permissions), and only communicates with official TickTick endpoints (api.ticktick.com). No evidence of data exfiltration, malicious execution, or harmful prompt injection was found across the codebase or documentation.
- External report
- View on VirusTotal