Back to skill
Skillv2.0.0
VirusTotal security
A2A Vault · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:20 AM
- Hash
- 3ceeeb54e4882366c89d09dd0256f4fd834da02117edcf4532539b7e25831973
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: a2a-vault Version: 2.0.0 The skill bundle defines a 'a2a-vault' for zero-knowledge secrets management. All described tools (`passbox_get_secret`, `passbox_set_secret`, `passbox_import_env`, etc.) align with its stated purpose of securely storing, retrieving, and managing credentials. While the skill handles sensitive data and relies on an external Node.js plugin (`@a2a/openclaw-plugin`) for functionality, the provided files contain no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection attempts against the agent. The capabilities, such as reading `.env` files, are explicitly part of its legitimate design.
- External report
- View on VirusTotal