Back to skill
Skillv1.1.0
VirusTotal security
HappyHorse 视频创作助手 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 8:51 AM
- Hash
- aee53d7acfe6598241448ed6b361dc17bc2f7035a39b639e466d167a502a1d5e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: happyhorse-video-creator Version: 1.1.0 The skill bundle implements video generation via the Alibaba DashScope API but contains a hardcoded API key (sk-d05aba5a2dae4453b97ed07fdb983e5a) in both SKILL.md and happyhorse_video_creator.py, which is a significant security vulnerability (credential exposure). It also references a specific external IP (43.167.197.36) for test assets. While the code logic appears aligned with its stated purpose and lacks clear malicious intent, the hardcoded credentials and lack of input sanitization for external URLs represent high-risk security flaws.
- External report
- View on VirusTotal