Back to skill
Skillv1.0.2
VirusTotal security
ClawCost · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 3:53 AM
- Hash
- 552d42b74aee140c9d2b9ccacfd0a8280a504d516174fafb3ea00ece0b6c683d
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawcost Version: 1.0.2 The skill bundle is benign. The `scripts/clawcost.py` script reads OpenClaw session logs from `~/.openclaw/agents/main/sessions/*.jsonl` and writes configuration to `~/.clawcost/config.json`, both of which are necessary and expected for its stated purpose of tracking agent costs. The script does not perform any network calls, execute arbitrary commands, or access unrelated sensitive files. The `SKILL.md` file contains instructions for the AI agent on how to format output and generate alerts, which is a functional use of prompt injection to guide the agent's behavior for the skill's intended purpose, not for malicious ends.
- External report
- View on VirusTotal