Back to skill
Skillv0.1.0
VirusTotal security
Codeberg · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:35 AM
- Hash
- 9aaee71a5a255d42851717dadaf32840d0d6b62ef890cad8aa07bdbcbf510d16
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: codeberg Version: 0.1.0 The skill is classified as suspicious due to the explicit documentation of the `tea actions secrets list` command in `SKILL.md`. While this command is a legitimate function of the `tea` CLI for repository management and aligns with the stated purpose of interacting with Codeberg, it exposes a high-risk capability to an AI agent. There is no evidence of intentional malicious behavior or prompt injection to misuse this command, but its direct availability without explicit safeguards could lead to unintended sensitive data exposure if the agent is misdirected or compromised.
- External report
- View on VirusTotal