Back to skill
Skillv1.1.4
VirusTotal security
Clawbsky · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:30 AM
- Hash
- 6e85937fd7cbbfeab52bee538b229db6d34cd3ceda78befdf26f91de83e488d6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawbsky Version: 1.1.4 The OpenClaw AgentSkills skill bundle 'clawbsky' is a Bluesky CLI tool that appears benign. It handles Bluesky credentials responsibly by storing them in a `.env` file with restrictive permissions and adding it to `.gitignore`. The code includes robust `validateFilePath` functions in `scripts/cli.ts`, `scripts/post.ts`, and `scripts/utils.ts` to sanitize input paths before passing them to external binaries like `ffmpeg` and `ffprobe`, effectively mitigating potential shell injection vulnerabilities. Automation features like 'follow-all' and 'unfollow-non-mutuals' incorporate rate limiting and user confirmation prompts for large operations, demonstrating an intent for responsible use. All network calls are directed to legitimate Bluesky API endpoints, and the `SKILL.md` and `README.md` clearly outline the tool's purpose and ethical usage guidelines, with no evidence of prompt injection attempts against the agent.
- External report
- View on VirusTotal