Back to skill
Skillv0.1.0
VirusTotal security
iClick Automation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:41 AM
- Hash
- 433661496e1cf8dbf5478beef25d339860b9d8d6fe9b853a09b963d52dbe8294
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: iclick-skill Version: 0.1.0 The skill bundle provides a legitimate interface for the iClick (爱触云) iOS automation platform. The core logic in `server.js` and `util/iclick.js` acts as a bridge to the `iclick-auto` library, which communicates with a local automation server via WebSockets (defaulting to 127.0.0.1:23188). The command execution flow includes a safety check on method names using a strict alphanumeric regex, preventing path traversal during dynamic module loading. The functionality described in `SKILL.md` (screenshots, touch simulation, media management) is consistent with the tool's purpose, and no evidence of data exfiltration, malicious obfuscation, or host-level persistence was found.
- External report
- View on VirusTotal