Back to skill
Skillv0.5.4
VirusTotal security
wolt-cli · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:17 AM
- Hash
- 5ad4690f0b8d1fa2fe3712bcc220171452db545d0f9b738817760cb29fdf28cf
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: wolt Version: 0.5.4 The skill is designed to interact with a local Wolt CLI tool, enabling actions like browsing venues, managing carts, and updating profile information. It explicitly handles sensitive authentication tokens (wtoken, wrtoken, cookie) by passing them to the local CLI or configuring the local CLI. Crucially, the SKILL.md and workflow documentation include clear 'Safety Rules' instructing the AI agent to 'Request explicit confirmation before mutating commands' (e.g., cart modifications, profile address changes, credential configuration). There is no evidence of intentional harmful behavior such as data exfiltration to unauthorized endpoints, remote code execution, or persistence mechanisms beyond local CLI configuration. The instructions are transparent and actively guide the agent towards safe operation, mitigating the inherent risks of a tool with mutating capabilities.
- External report
- View on VirusTotal