Back to skill
Skillv1.0.0
VirusTotal security
Free To Video Ai · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 11, 2026, 2:41 AM
- Hash
- 8dcc64b01874cfe2a40f472ef3922b51abcac2155878bef1dd6a7882882c0cb7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: free-to-video-ai Version: 1.0.0 The skill facilitates text-to-video conversion via a remote API (mega-api-prod.nemovideo.ai) but exhibits several high-risk behaviors. It instructs the agent to perform environment discovery by checking local installation paths (e.g., ~/.clawhub/) for telemetry and provides instructions for uploading local files to the remote server without any path validation or sanitization logic in the SKILL.md, creating a potential path for data exfiltration if the agent is prompted to upload sensitive files. While these capabilities are aligned with the stated purpose, the lack of security constraints and the automated session/token management with a third-party endpoint warrant a suspicious classification.
- External report
- View on VirusTotal