Back to skill
Skillv1.0.9
VirusTotal security
SmartBill Invoicing · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:18 AM
- Hash
- b1aaf6c658a09ae38bd3aedccbb62c4d567b9fd3e10aab2d8aac8601d6a024eb
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: smartbill-invoicing Version: 1.0.9 The skill bundle is benign. The `scripts/smartbill_cli.py` implements robust security controls, notably the `_safe_output_path` function, which strictly validates PDF output paths to prevent arbitrary file writes and path traversal by ensuring paths end in `.pdf` and resolve within OpenClaw-allowed media roots or the current working directory. Furthermore, the `SKILL.md` and `agents/openai.yaml` instructions explicitly guide the AI agent towards secure practices, such as requiring `--allow-final` for issuing final invoices and reinforcing the output path restrictions, demonstrating a clear intent to prevent misuse rather than facilitate it.
- External report
- View on VirusTotal