Back to skill
Skillv2.0.0
VirusTotal security
Bilibili AI Subtitle · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 8:42 AM
- Hash
- 9453f46e1828dbca2badbdaa3817901c7d0482b211b7c717c00aa3a79088d3a8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: bilibili-ai-subtitle Version: 2.0.0 The script `scripts/bilibili_ai_subtitle.sh` automatically attempts to locate and access browser cookie databases from the host system, specifically targeting WSL Chromium and Windows Edge profiles (via `/mnt/c/Users/`). While this is documented as a feature to allow `yt-dlp` to access member-only content, the automated scanning of host user directories and browser data represents a significant privacy risk. There is no evidence of intentional data exfiltration or malicious logic, but the capability to access sensitive host-level credentials warrants a suspicious classification.
- External report
- View on VirusTotal