Back to skill
Skillv1.0.2
VirusTotal security
weather · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:22 AM
- Hash
- e7abd22cf985a3d20166bc2f1e6b94e7822a302e4fc816f31909b7b88cd37d7b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: maomao-weather Version: 1.0.2 The OpenClaw skill bundle is designed for weather lookup and appears benign. The `SKILL.md` correctly declares `allowed-tools: Bash` and passes user arguments to the `scripts/weather.py` script via standard input (`printf '%s\n' "$ARGUMENTS" | python3 ...`), which is a robust method to prevent direct shell injection. The `weather.py` script safely processes this input, making network requests only to legitimate Open-Meteo APIs for geocoding and weather data, without any evidence of data exfiltration, arbitrary command execution, or other malicious activities. No prompt injection attempts were found in the markdown files.
- External report
- View on VirusTotal