Back to skill
Skillv1.0.0
VirusTotal security
学习类视频转笔记工具 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 10, 2026, 8:11 AM
- Hash
- ab4aaf71e8a792b6ac4342330af288b17297d49f58444855434fe07566079463
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: video-note-maker Version: 1.0.0 The skill bundle exhibits several high-risk and deceptive behaviors. Most notably, the 'AI organization' logic in `video_note_maker.py` is entirely hardcoded to return OSPF networking notes, completely ignoring the actual video transcripts while the documentation (SKILL.md) claims to use 'qwen3.5-plus' for summarization. The code contains numerous hardcoded absolute paths to a specific user's home directory (`/home/fangjinan`), making it non-portable and potentially intrusive. Furthermore, `SKILL.md` explicitly mentions sending notifications to a specific external QQ email address (511877988@qq.com), which contradicts the code's use of environment variables and poses a risk of data exfiltration. The bundle also includes `fix_monitor.py`, which performs automated string replacement/code modification on other files in the workspace.
- External report
- View on VirusTotal