Back to skill
Skillv1.0.2
VirusTotal security
Looper Golf · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:48 AM
- Hash
- 79747a4cde60cd182b025530d4b30a79b27ae6becc2510fe806802c0b57b3f6e
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: looper-golf Version: 1.0.2 The skill bundle is designed for playing a golf game via CLI commands and interacting with a remote API. The `SKILL.md` provides clear instructions to the AI agent, including 'CRITICAL RULES' that explicitly forbid direct HTTP requests or `curl` calls, mitigating prompt injection risks for network exfiltration. The `cli.js` code handles arguments safely, without direct shell execution of user input, and includes robust path traversal protection for its state file. While the `cmdPrepareRound` command generates on-chain transaction data based on server-provided configuration (introducing a trust dependency on the game server), the `SKILL.md` explicitly warns the user to verify the transaction details before submission, indicating an awareness of this risk rather than malicious intent by the skill itself. No evidence of intentional data exfiltration, backdoors, or other malicious activities was found.
- External report
- View on VirusTotal