Back to skill
Skillv1.2.3
VirusTotal security
Undersheet · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:38 AM
- Hash
- 78361865e7659018a493c23af75169eae1a235d4d9663c7ee11d9d5c0fe7af04
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: undersheet Version: 1.2.3 The OpenClaw AgentSkills skill bundle 'undersheet' is classified as benign. Its code and documentation consistently align with its stated purpose of providing persistent thread memory and feed tracking across various social platforms. While it handles sensitive credentials (API keys, usernames/passwords, OAuth tokens) by storing them in plaintext JSON files in `~/.config/undersheet/`, this is for its own operation and is a common configuration pattern, not an indicator of malicious intent. The skill makes extensive network calls to legitimate API endpoints and uses `importlib` for a standard plugin architecture. Prompt injection instructions in `SKILL.md` are limited to configuring the skill for persistence (heartbeat) which is part of its stated functionality, without any evidence of deceptive or harmful objectives.
- External report
- View on VirusTotal