Back to skill
Skillv1.0.2
VirusTotal security
vinci-tarot · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:50 AM
- Hash
- 8e295f7251b8421db13fddd5aef69c26babb04a9a99a4032e1aeaf179ff5a37c
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: vincitarot Version: 1.0.2 The OpenClaw Tarot skill is designed to provide tarot readings, involving local data processing, image generation, and controlled external network calls. The `SKILL.md` contains detailed instructions for the AI agent to guide its persona and workflow, including executing a local Python script (`tarot_skill/scripts/generate_spread_image.py`) for image generation. This script, and its dependency `tarot_skill/scripts/download_card_images.py`, make HTTP requests to `https://www.sacred-texts.com/tarot/pkt/img/` to fetch public domain card images, which is consistent with the skill's stated purpose. All file system operations are local and confined to the skill's data and output. There is no evidence of prompt injection attempting to subvert the agent, data exfiltration, persistence mechanisms, or other malicious intent.
- External report
- View on VirusTotal