Back to skill
Skillv1.0.0
VirusTotal security
cloudflare-mail-address-creator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 25, 2026, 8:06 AM
- Hash
- 858ab77ed66e9f307c2eac05ce2d47ebdea75ec82be987c1c62c6728930f09cf
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cloudflare-mail-address-creator Version: 1.0.0 The skill facilitates the creation of email addresses by sending administrative credentials to a hardcoded third-party API endpoint (mail-api.suilong.online). While the Python script (scripts/create_address.py) is a functional API client and lacks overt malicious logic like data exfiltration or backdoors, the branding as a 'Cloudflare' tool while directing sensitive tokens (CLOUDFLARE_MAIL_ADMIN_AUTH) to a non-official domain presents a risk of credential harvesting or misleading users into exposing secrets to an untrusted service.
- External report
- View on VirusTotal