Back to skill
Skillv1.1.0
VirusTotal security
Video Generator Auto Post · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 5:00 AM
- Hash
- c9e8a43d0a60f4ba777e46f06ca034e430439a2267da2220bff0e30c717009f9
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: video-generator-auto-post Version: 1.1.0 The skill is classified as suspicious because it explicitly sets up the framework for handling sensitive API keys and performing network operations to external social media platforms, even though the core posting functionality in `scripts/auto-post.py` is currently a stub (marked with `TODO`s). The `SKILL.md` instructs users to configure API keys in a `.env` file, which `scripts/auto-post.py` loads. While there is no evidence of immediate malicious intent, data exfiltration, or active vulnerabilities in the provided code, the clear intent and preparation for risky capabilities (handling credentials, external network communication) without full implementation makes it not entirely benign, as future completion could introduce vulnerabilities.
- External report
- View on VirusTotal