Back to skill
Skillv0.1.0
VirusTotal security
Zotero Cli · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:35 AM
- Hash
- 1941232293563ff5ee5cdeeca23c87857d397ed9527a8488b2fa1ae76b05ee4c
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: zotero-cli Version: 0.1.0 The OpenClaw AgentSkills skill bundle for 'zotero-cli' is classified as benign. All scripts and documentation are clearly aligned with the stated purpose of managing Zotero references via a command-line interface. Risky capabilities such as `sudo` are used for legitimate system package installations (e.g., `pipx`, `pandoc`) within setup and update scripts (`setup_and_check.sh`, `update_check.sh`). Network calls are limited to fetching version information from PyPI and GitHub, and an example of `scp` for sharing bibliographies, all of which are transparent and serve the tool's intended functionality. There is no evidence of intentional malicious behavior, data exfiltration to unauthorized endpoints, or prompt injection attempts against the agent to perform harmful actions.
- External report
- View on VirusTotal