Back to skill
Skillv1.4.0
VirusTotal security
Terabox Link Extractor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:35 AM
- Hash
- f4a04d3554707290dd75faf96199dc309bf431e0835983d3a3d1543a65c1b7b4
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: terabox-link-extractor Version: 1.4.0 The OpenClaw skill 'terabox-link-extractor' is benign. Its primary function is to extract direct download links from TeraBox URLs using the XAPIverse API. The `SKILL.md` explicitly implements an 'Informed Consent Protocol' requiring user permission before transmitting the URL and `TERABOX_API_KEY` to `https://xapiverse.com`, which is the stated third-party service. The `scripts/extract.js` file includes robust path traversal protection for downloads, ensuring files are written only within a designated 'Downloads' directory. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's security protocols.
- External report
- View on VirusTotal