Back to skill
Skillv1.0.0
VirusTotal security
Fastmail Jmap.Disabled · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:50 AM
- Hash
- 87d74f051ba6a0db21632c992b51d85bddaf62213cf7fcce4b1aaa6c6466916a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: fastmail-jmap-disabled Version: 1.0.0 The skill bundle is benign. It provides functionality to manage Fastmail emails and contacts via the JMAP API, as explicitly described in SKILL.md. The Python scripts (`fastmail.py` and `contacts.py`) use standard libraries (`urllib.request`, `json`, `os`, `sys`) to interact solely with `api.fastmail.com`. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution (e.g., `eval`/`exec` of untrusted input, `curl|bash`), persistence mechanisms, or obfuscation. The SKILL.md instructions are clear, transparent, and even include a positive security instruction for the agent to 'Always ask before sending. Never send without approval.', indicating no prompt injection attempts.
- External report
- View on VirusTotal