Back to skill
Skillv1.1.3
VirusTotal security
skill-trust-auditor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:26 AM
- Hash
- ea34f912cfcef1a80367aa2f87233f242da4872062b5a4359d03c076e74b34ba
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: skill-trust-auditor Version: 1.1.3 The OpenClaw skill-trust-auditor is designed to identify security risks in other skills. Its own implementation demonstrates a strong focus on security, including robust input validation and sanitization (e.g., `_sanitize_untrusted` in `scripts/analyze_skill.py`) to prevent prompt injection when using LLMs. Shell commands in `scripts/audit.sh` correctly quote user input, mitigating shell injection risks. The skill's dependencies are standard, and there is no evidence of data exfiltration, backdoor installation, or other malicious intent within its own code or instructions. All identified high-risk patterns are part of its detection logic (`scripts/patterns.json`), not actions performed by the skill itself.
- External report
- View on VirusTotal