Back to skill
Skillv1.0.0
VirusTotal security
ClawHub Publish · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:57 AM
- Hash
- 6afbdfae99701ae356cf7fd94920cb791f54d609776a9742e7bc0cf9ca0f1cca
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawhub-publish-mai Version: 1.0.0 The skill bundle's primary purpose is to publish OpenClaw skills to ClawHub, involving language checks, sanitization, and using the `clawhub` CLI. All commands and instructions, including file system operations (`Get-Content`, `[System.IO.File]::WriteAllText`) and external network calls (`clawhub publish`), are directly aligned with this stated purpose. While installing global npm packages (`npm i -g clawhub`) and writing to local files are powerful capabilities, they are presented as necessary steps for legitimate skill management and sanitization, without any evidence of malicious intent or attempts at prompt injection to subvert the agent's core directives. The hardcoded `https://clawhub.ai/u/jini92` URL in `SKILL.md` and `references/checklist.md` is a minor oversight (revealing a developer's username) but not a security vulnerability or malicious action.
- External report
- View on VirusTotal