Back to skill
Skillv1.0.1
VirusTotal security
Publer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:06 AM
- Hash
- 7242554abc20ec51f56efe76c2730736ebbfa88164449467c6d77514b98d48ee
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: publer Version: 1.0.1 The skill bundle provides a Python client for the Publer API to post and schedule social media content. The `SKILL.md` instructions are clear and do not contain any prompt injection attempts. The `scripts/publer.py` script uses standard libraries (`requests`, `argparse`, `os`) to interact with the legitimate Publer API (`https://app.publer.com`). It reads API keys from environment variables and uploads user-specified files to the Publer service. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or obfuscation. The file upload functionality, while capable of uploading any specified file, is a core feature of the skill and does not inherently seek out or exfiltrate sensitive data; it only processes files explicitly provided as arguments.
- External report
- View on VirusTotal