Back to skill
Skillv0.4.1
VirusTotal security
Zhuaxia · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:26 AM
- Hash
- 1f495a069e25ed49a8eddda1a89905a0a17846904fb3efa6bbdae7ed362c6808
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: zhuaxia Version: 0.4.1 The 'zhuaxia' skill bundle provides legitimate utility for exporting, importing, and backing up OpenClaw instances. The core logic in `scripts/clawctl.mjs` includes robust security measures, such as a credential sanitizer that uses regex patterns and Shannon entropy to detect and strip API keys (OpenAI, Anthropic, etc.) before export. It also implements a mandatory exclusion list (`MANDATORY_FILE_EXCLUSIONS`) to prevent the accidental packaging of sensitive directories like `~/.ssh`, `credentials/`, or `sessions/`. The `SKILL.md` instructions are well-structured, emphasizing user confirmation, dry-runs, and automatic safety backups before performing destructive operations, with no evidence of malicious intent or data exfiltration.
- External report
- View on VirusTotal