Back to skill
Skillv1.0.0
VirusTotal security
Claw Store Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:46 AM
- Hash
- cb559bedbae3b35da9d90857459f898690adb1161648afeef21e7b639f0a0747
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: claw-store-skill Version: 1.0.0 The skill bundle is benign. The `SKILL.md` provides clear, secure instructions for the AI agent, including explicit guidance to 'Never log or expose JACKAL_MEMORY_API_KEY' or 'JACKAL_MEMORY_ENCRYPTION_KEY', which are good security practices rather than prompt injection attacks. The `jackal-memory/client.py` script implements client-side AES-256-GCM encryption for data before sending it to the specified external API (`https://web-production-5cce7.up.railway.app`). It handles API keys and encryption keys securely via environment variables or a dedicated local configuration file (`~/.config/jackal-memory/key`). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or other harmful behaviors.
- External report
- View on VirusTotal