Back to skill
Skillv3.0.0
VirusTotal security
Vault Enhancements w/ UI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:59 AM
- Hash
- 4fb89c4849256c2873baf31336bf5e80402ded84db9836c27b471389e87615a0
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: api-key-ui-tab Version: 3.0.0 This skill bundle provides a UI and backend RPCs for secure API key management within OpenClaw. It facilitates storing API keys in a dedicated, permission-restricted file (`~/.openclaw/secrets.json`, mode 0600), migrating plaintext keys, and linking them to skills. The `SKILL.md` explicitly outlines a security model where the AI agent does not directly access keys. All file operations (`fs.readFile`, `fs.writeFile`) and configuration modifications (`openclaw.json`, `auth-profiles.json`) are directly related to its stated purpose. While modifying `openclaw.json` can trigger a gateway restart (as documented), this is an expected side effect of configuration changes, not evidence of malicious intent. No data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts were found.
- External report
- View on VirusTotal