Back to skill
Skillv1.0.0
VirusTotal security
MiniMax AI音乐生成 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 11, 2026, 3:51 PM
- Hash
- 62e36c9def8dbd545651a463de6f0ba1bfce8a1b2f94a6b2e7e6a04d53f393a4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: minimax-music-ai Version: 1.0.0 The skill bundle contains a hardcoded MiniMax API key in 'scripts/generate.py', which is a significant credential exposure vulnerability. The script also utilizes 'subprocess.run' to execute 'ffmpeg' with the '-safe 0' flag for audio merging; while this is functional for the stated purpose, it represents a high-risk capability that could be exploited if input filenames are not strictly controlled. No evidence of intentional malicious behavior or data exfiltration was found.
- External report
- View on VirusTotal