Back to skill
Skillv1.0.3
VirusTotal security
Strava Training Coach · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:11 AM
- Hash
- 335e95bb17faafe3a770ff425fe83f70c93ba24427b3df33ffd73d543574b7ec
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: strava-training-coach Version: 1.0.3 The skill bundle demonstrates strong security practices, aligning with its stated purpose of being an AI running coach. It uses environment variables for all sensitive data, stores tokens securely with 0600 permissions in XDG-compliant directories, implements robust input validation (including regex for webhook URLs), redacts sensitive information from logs, and uses HTTPS with timeouts for all network communication. The `SKILL.md` provides clear instructions without any evidence of prompt injection attempts to manipulate the AI agent for malicious purposes. All file and network access is strictly confined to the legitimate functionality of interacting with Strava, Oura, and notification services (Discord/Slack).
- External report
- View on VirusTotal