Back to skill
Skillv1.0.7
VirusTotal security
Sensitive Data Masker · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:58 AM
- Hash
- aa0d407692e10587e165fd54fdb36deb40622a80972c6bb6b0241279e7cac2c6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: sensitive-data-masker Version: 1.0.7 The skill is designed to enhance security by masking sensitive data before it reaches an LLM and restoring it locally for task execution. It employs robust security measures, including mandatory AES-256 encryption for sensitive data at rest (enforced by `sensitive-masker.py` which exits if `cryptography` is not available), secure key generation with `chmod 0o600`, and parameterized SQLite queries to prevent SQL injection. The OpenClaw hook (`handler.js`) uses `child_process.spawn` with an argument array, mitigating shell injection risks. All data is stored locally within the skill's dedicated directory, and there is no evidence of data exfiltration or malicious prompt injection attempts in any files.
- External report
- View on VirusTotal