Back to skill
Skillv1.0.0
VirusTotal security
TBOT Controller · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:47 AM
- Hash
- 3c2e1171aa2fdce2bbfe2ba0d45e942eae33482049502d34d83923c9333a0572
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: tbot-controller Version: 1.0.0 The skill is designed to operate a TradingBoat/TBOT runtime stack, which inherently involves executing system commands (docker, systemctl), reading configuration files (.env, docker-compose.yml), accessing a SQLite database, and making network calls (webhooks, health checks). All these actions are explicitly described in SKILL.md and implemented with clear safety mechanisms. The code uses `subprocess.run` with lists of arguments to prevent shell injection, enforces read-only access for database operations, and requires explicit `--run-it` confirmation for state-changing actions. There is no evidence of intentional harmful behavior such as data exfiltration to unauthorized endpoints, backdoor installation, or prompt injection designed to subvert the agent's safety protocols for malicious ends. The instructions in SKILL.md are designed to constrain the agent's behavior towards safety.
- External report
- View on VirusTotal