Back to skill
Skillv0.2.0
VirusTotal security
Places Search · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:10 AM
- Hash
- 1cd6a9d435b567c2dd0600b7e42d50e63feaa0a925b134557776d36be3111a62
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: camino-places Version: 0.2.0 The skill bundle is benign. It provides a shell script (`scripts/places.sh`) that uses `curl` and `jq` to interact with the `https://api.getcamino.ai/search` endpoint for place lookup, requiring a `CAMINO_API_KEY`. The script correctly validates JSON input and passes it as the request body, preventing shell injection. The `SKILL.md` documentation clearly outlines the skill's purpose, dependencies, and usage, without any evidence of prompt injection attempts or instructions for the AI agent to perform malicious actions. There are no signs of data exfiltration, persistence mechanisms, or obfuscation.
- External report
- View on VirusTotal