Back to skill
Skillv1.3.2
VirusTotal security
Revolut · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:53 AM
- Hash
- 6601a32445a735030b5e36077b7ee140b028c1dff4b965c5eaeec492c915ebca
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: revolut Version: 1.3.2 The skill is designed for Revolut web automation to fetch banking data. It uses Playwright to interact with the Revolut website and its internal APIs. Key security features include explicit output path sanitization (`_safe_output_path` in `scripts/revolut.py`) to prevent arbitrary file writes, and clear documentation in `SKILL.md` and `SETUP.md` about local state storage and the handling of PINs from `config.json`. While storing PINs in `config.json` is a security consideration for the user, the script itself does not exfiltrate this data or perform any other unauthorized actions. All network calls are directed to Revolut's own domains, and there is no evidence of malicious execution, persistence, or prompt injection attempts against the agent.
- External report
- View on VirusTotal