Back to skill
Skillv1.0.0
VirusTotal security
Backup of conversations to Obsidian · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:03 AM
- Hash
- fce7f5beca4630d0c6d21267d6fbc6af42dde27c721cc3c6ab07273b285421ed
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: obsidian-conversation-backup Version: 1.0.0 The skill is classified as suspicious due to the `scripts/monitor_and_save.sh` script accessing the sensitive `/root/.clawdbot/clawdbot.json` file to retrieve a Telegram bot token and then performing network egress via `curl` to send messages to the Telegram API. While this is documented as a 'token warning' feature and the messages sent are predefined, the combination of reading a sensitive configuration file and initiating external network communication represents a high-risk capability that could be misused, even if not explicitly malicious in its current implementation.
- External report
- View on VirusTotal