Back to skill
Skillv1.0.0
VirusTotal security
XMTP CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:14 AM
- Hash
- 3ff746138625cb5fb0f371fa70305db4f176b8decdd85a69bd2b5c9ed448dbd6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xmtp-cli Version: 1.0.0 The OpenClaw AgentSkills bundle for the XMTP CLI is benign. It provides instructions and commands for installing and interacting with the XMTP command-line interface, including managing conversations, groups, messages, and debugging. While the skill handles sensitive information like private keys (`XMTP_WALLET_KEY`) and database encryption keys (`XMTP_DB_ENCRYPTION_KEY`) in `setup/rules/env-variables.md` and `setup/rules/init.md`, these are explicitly for configuring the XMTP CLI itself, not for exfiltration or unauthorized access. There is no evidence of prompt injection, malicious execution, data exfiltration to external endpoints, persistence mechanisms, or obfuscation. All actions are clearly aligned with the stated purpose of managing the XMTP CLI.
- External report
- View on VirusTotal