Back to skill
Skillv1.0.0
VirusTotal security
Meixin Meeting Assistant · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 9, 2026, 4:11 PM
- Hash
- e965768faef80388c852732fbba560be957112ac6dc49561e3733f8cf19d2dd8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: jiadong-meixin-meeting Version: 1.0.0 The skill bundle contains a hardcoded Alibaba DashScope API key (sk-46dec88b0761409dbd416405d53f73a5) in both SKILL.md and scripts/transcribe_meixin.py, which is a major security vulnerability. Additionally, the skill requests broad access to sensitive workspace files like /workspace/MEMORY.md and sends audio data to an external endpoint (dashscope.aliyuncs.com) for transcription. While the logic appears consistent with its stated purpose of meeting transcription, the hardcoded credential and the potential for internal data exposure via external API calls warrant a suspicious classification.
- External report
- View on VirusTotal