Back to skill
Skillv1.0.0
VirusTotal security
ForkZoo · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:26 AM
- Hash
- a8a3d0f96e4274911685ea7057a3e2d81fe9055559fe24112195152ee30980ba
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 4 The OpenClaw skill bundle is classified as benign. While it requires a GitHub token with broad `repo` and `workflow` scopes, these permissions are explicitly declared in `SKILL.md` and are necessary for the skill's stated purpose of adopting and managing GitHub-native digital pets (e.g., forking repositories, enabling GitHub Actions, dispatching workflows, setting up GitHub Pages). The scripts (`adopt.sh`, `interact.sh`, `status.sh`, `gallery.sh`) only interact with `api.github.com` and related legitimate project domains, without any evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent.
- External report
- View on VirusTotal