Back to skill
Skillv3.0.2
VirusTotal security
Music Analysis · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 5:33 AM
- Hash
- 05d9f8354c491ce6c6653e17e8953f31827a5829e70629441d331fc18b3bd483
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: music-analysis Version: 3.0.2 The music-analysis skill bundle is a legitimate tool for local audio processing, utilizing librosa and numpy for feature extraction (tempo, key, timbre) and whisper-cli for lyric transcription. The implementation in scripts like listen.py and analyze_music.py follows security best practices by using subprocess with argument lists to interact with ffmpeg and ffprobe, preventing shell injection. No evidence of data exfiltration, network communication, or malicious prompt injection was found; the hardcoded paths for Whisper components are environment-specific but not harmful.
- External report
- View on VirusTotal