Back to skill
Skillv1.0.6
VirusTotal security
Cloudflare R2 CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:18 AM
- Hash
- 1f04d56dc3441fd1e0e525ded6a4823ce92941664eb1df681dc6e557ea3247f6
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: r2-cli Version: 1.0.6 The OpenClaw R2 CLI skill is classified as benign. Both the `SKILL.md` documentation and the `r2.py` source code demonstrate a strong focus on security. The skill explicitly uses environment variables for sensitive credentials, employs `defusedxml` for safe XML parsing, and critically, the `_validate_url` function in `r2.py` strictly enforces HTTPS and restricts network communication to only `cloudflarestorage.com` domains. There is no evidence of malicious intent such as data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts against the agent in the markdown instructions. The code is well-structured and adheres to security best practices for interacting with cloud storage.
- External report
- View on VirusTotal