Back to skill
Skillv1.0.0
VirusTotal security
Plant Tracker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:33 AM
- Hash
- 46949da70cea96b0c923edf8c942b4d8271a4edc81b609a36723d90f94d11b0a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: plant-tracker Version: 1.0.0 The OpenClaw AgentSkills skill bundle 'plant-tracker' is classified as benign. The `SKILL.md` documentation clearly outlines the purpose and usage without any prompt injection attempts. The core script, `scripts/plant_tracker.py`, demonstrates robust security practices, particularly in its `export_plants` function. This function utilizes a `is_safe_path` helper that explicitly whitelists output directories to `~/.openclaw/workspace`, `~`, and `/tmp`, while explicitly blacklisting sensitive system paths (e.g., `/etc`, `/usr`, `/var`) and critical dotfiles (e.g., `~/.ssh`, `~/.bashrc`), preventing unauthorized file writes. No evidence of data exfiltration, malicious execution, persistence, or obfuscation was found.
- External report
- View on VirusTotal