Back to skill
Skillv0.1.0
VirusTotal security
Gitea · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:35 AM
- Hash
- a1e22d2348b2eaaf7908e307562dbcc46d28096a7c49db6a9292299d6ec7b6dc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: gitea-2 Version: 0.1.0 The skill is classified as suspicious due to exposing high-risk capabilities to the AI agent, specifically the ability to list repository secrets (`tea actions secrets list`) and manage API tokens (`tea login add --token`) as demonstrated in SKILL.md. While these are legitimate functions of the `tea` CLI, providing an AI agent direct access to such sensitive operations without explicit guardrails presents a significant risk for potential data exposure or unauthorized access if the agent is maliciously prompted.
- External report
- View on VirusTotal