Back to skill
Skillv0.1.2
VirusTotal security
Openclaw Email Bypass · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:34 AM
- Hash
- 394e984b9e9993391dfd42a9ad8271b8843478880ceecf79df6b316a4e417bd0
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-email-bypass Version: 0.1.2 The skill bundle provides a utility to send emails via a self-hosted Google Apps Script relay, bypassing SMTP port restrictions. The `SKILL.md` and `README.md` clearly describe the purpose and setup, including a standard `pip3 install requests` command for a legitimate dependency. The `scripts/send_email.py` script securely retrieves `GOOGLE_SCRIPT_URL` and `GOOGLE_SCRIPT_TOKEN` from environment variables and sends email data to the user-defined URL. There is no evidence of data exfiltration beyond the stated purpose, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation.
- External report
- View on VirusTotal