Back to skill
Skillv1.0.1
VirusTotal security
Custom Podcast Discovery & Generation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:19 AM
- Hash
- dea1136fa77977e3e3422d3f3c41e96a103e5e96240c43b16e4354bfbc6dc7a3
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: custom-podcast-discovery Version: 1.0.1 The skill provides a legitimate and well-documented automated podcast generation pipeline, including topic discovery, research, and audio production. Security analysis of 'scripts/upload.py' and 'scripts/pipeline.py' shows safe usage of the subprocess module (passing arguments as lists and avoiding shell=True), with explicit validation of S3 configuration parameters to prevent command injection. While the pipeline is theoretically vulnerable to indirect prompt injection if a configured RSS feed contains malicious instructions, there is no evidence of intentional malice, data exfiltration, or unauthorized persistence mechanisms.
- External report
- View on VirusTotal