Back to skill
Skillv1.0.0
VirusTotal security
Quack Coordinator · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:38 AM
- Hash
- d30140a156276796c5c046adc4221b864845e0331c9a6008a7ac9a03ebaedf1a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: quack-coordinator Version: 1.0.0 The OpenClaw AgentSkills skill bundle 'quack-coordinator' is classified as benign. All scripts (`bid.mjs`, `hire.mjs`, `rfp.mjs`) correctly read an API key from `~/.openclaw/credentials/quack.json` and use it to authenticate requests to the `https://quack.us.com` API, which aligns with the stated purpose of coordinating tasks on the 'Quack Network'. Input parameters are properly sanitized (e.g., `encodeURIComponent` for URL paths, `parseFloat` for numbers, `JSON.stringify` for body content) before being sent. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts in `SKILL.md`.
- External report
- View on VirusTotal