Back to skill
Skillv1.0.0
VirusTotal security
SerpApi Flights (Google Flights) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:25 AM
- Hash
- 162b792dd344fc6241b65da6e932beac4d4896b41b8b959a547a69a9e41d9846
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: serpapi-flights Version: 1.0.0 The skill bundle is designed to query Google Flights via SerpApi. The `SKILL.md` provides clear instructions and examples without any prompt injection attempts. The `scripts/query.mjs` script correctly retrieves the `SERPAPI_KEY` from environment variables and uses `node:util.parseArgs` for robust command-line argument parsing, mitigating shell injection risks. Network requests are made to the legitimate `serpapi.com` endpoint, and there is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation. The code aligns with its stated purpose and lacks high-risk behaviors.
- External report
- View on VirusTotal