Back to skill
Skillv1.0.0
VirusTotal security
Wechat Article Auto Gen · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 25, 2026, 12:46 PM
- Hash
- 7b57d575ed75cce8b897ccabac50f6aa748200b9ccf6fae69ea358542fdfff62
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: wechat-article-auto-gen Version: 1.0.0 The skill bundle contains a hardcoded API key for the Volcano Engine (Volcengine) image generation service (565ec265-1b1e-4fa4-bcd8-c3d37c6a6198) within the `SKILL.md` file. While the code logic for scraping, rewriting, and image generation aligns with the stated purpose of automating WeChat articles for a fitness brand, the inclusion of static credentials and the lack of input validation in the `scrape_article` function (potential SSRF) represent significant security vulnerabilities rather than intentional malice.
- External report
- View on VirusTotal