Back to skill
Skillv1.1.0
VirusTotal security
小红书爆款文案生成(她势自游版) · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 9, 2026, 10:51 AM
- Hash
- 49d5c6009e9fbb55ff1df418802666a559b7dcddb1f0566834767b691af5263b
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: xhs-bahamo-copywriter Version: 1.1.0 The skill bundle contains multiple hardcoded Feishu (Lark) 'app_token' strings and 'table_id' values within SKILL.md (e.g., Mz8ybqtVZaU7qrs3zZYcmUssn4d). While these appear to be configuration for the stated purpose of managing Xiaohongshu marketing schedules, hardcoding sensitive credentials in the instruction file exposes the underlying data infrastructure to unauthorized access. The logic also includes a 'delete before write' conflict resolution rule which, while functional, could lead to data loss if the agent misidentifies records.
- External report
- View on VirusTotal