Back to skill
Skillv1.0.1
VirusTotal security
bundlephobia · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 14, 2026, 3:16 PM
- Hash
- 143764f79e51b36773569f22158219b68e43660f7490e3ae553e73d9f2f214cd
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: bundlephobia Version: 1.0.1 The bundle is a legitimate static analysis tool for JavaScript and TypeScript projects designed to identify bundle bloat and dependency issues. It operates entirely locally using standard shell utilities (grep, find, du) to scan source code and configuration files against a comprehensive set of 90+ patterns defined in scripts/patterns.sh. The licensing system (scripts/license.sh) uses offline JWT validation without telemetry or network calls, and the git hook integration (scripts/bundlephobia.sh) is a standard development workflow feature that is clearly documented and user-invoked.
- External report
- View on VirusTotal