Back to skill
Skillv1.0.0
VirusTotal security
Audio Summary · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:28 AM
- Hash
- 1ddeb0f411c52e3423d7b62713bbe645b516320a12ebdfbe98ae0d42ee09fe99
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: audio-summary Version: 1.0.0 The skill contains a hardcoded Aliyun DashScope API key in 'audio_summary_skill.py', which is a significant security risk and credential leak. Additionally, the script is vulnerable to shell injection because it uses an f-string to construct an 'os.system' command with the 'video_path' input without proper sanitization. While these represent critical security vulnerabilities (RCE and credential exposure), they appear to be unintentional flaws rather than intentional malware designed for exfiltration or persistence.
- External report
- View on VirusTotal