Podpoint
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: podpoint Version: 1.0.0 The skill is designed to monitor the public status of Pod Point charging pods. The `index.js` code makes HTTP GET requests exclusively to `https://charge.pod-point.com` to fetch public data, which aligns with the stated purpose. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in `SKILL.md` that would manipulate the agent into performing unauthorized actions. The `skill.json` defines a clear and limited interface for the skill.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with a long timeout, the skill may continue polling Pod Point for an extended period during the task.
The watch action repeatedly polls an external endpoint until the timeout is reached. This is expected for a charger watcher, but users should know it can keep an invocation running for the requested watch period.
async function podpoint_watch({ podId, intervalSeconds = 30, timeoutSeconds = 900 }) ... while (Date.now() - started < timeout * 1000) { ... await sleep(interval * 1000); }Use reasonable timeout and interval values, and invoke the watch action only when you actually want ongoing monitoring.