Back to skill
Skillv1.0.0
VirusTotal security
translateflow-api · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:07 AM
- Hash
- 6d93e9651f83c82f1d9cd0eb56b92474cb6cf73e825a7cff05d9ed47dccd2e7f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: translateflow-api Version: 1.0.0 The skill provides translation services via the TranslateFlow API (translateflow.vosscg.com) but contains risky patterns in its instructions. It directs the agent to collect user emails for external registration and provides shell command templates in SKILL.md that incorporate user-provided text directly into curl commands, which presents a command injection risk if the agent does not sanitize inputs. Per the evaluation criteria, the use of shell and network capabilities for the stated purpose, combined with the collection of user data, warrants a suspicious classification.
- External report
- View on VirusTotal