Back to skill
Skillv1.2.4
VirusTotal security
Buy from Amazon — Search, Cart & Order for AI Agents · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:55 AM
- Hash
- eeb6444798ede97b92ece550ff9dab6e03e0800b4cfa8cfdccf84ad35a34a19b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: buy-amazon Version: 1.2.4 The OpenClaw skill 'buy-amazon' is designed for e-commerce shopping via buystuff.ai, which acts as an intermediary for Amazon purchases. The `SKILL.md` clearly outlines its functionality, data handling, and safety measures, explicitly stating that no payment information is collected or processed directly by the API, and user approval is required before sending a payment link. All network calls are directed to a single, specified domain (https://buystuff.ai). There is no evidence of data exfiltration beyond what is necessary for order fulfillment (shipping address, email for payment link), no malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts designed to subvert the agent's intended behavior. The instructions for the agent emphasize transparency and user consent.
- External report
- View on VirusTotal