Back to skill
Skillv0.1.0
VirusTotal security
Model Usage · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:06 AM
- Hash
- 9fbb09654f1f7593b95f0f62f2ab42f76afb211684e08caad2c2ecec9fc35849
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: model-usage-skill Version: 0.1.0 The skill is designed to summarize AI model usage costs from the local CodexBar CLI. The `SKILL.md` provides clear instructions for the agent to run the bundled Python script or `codexbar` itself, without any prompt injection attempts. The `scripts/model_usage.py` script executes the `codexbar` binary using `subprocess.check_output` with a list of arguments, which is a safe method that prevents shell injection. Input parameters are validated via `argparse` choices. The script processes JSON output from `codexbar` or a specified file/stdin, extracting data without executing arbitrary code. There is no evidence of data exfiltration, persistence, unauthorized network activity, or obfuscation. All observed behavior aligns with the stated purpose.
- External report
- View on VirusTotal