Weibo TV Video Details API
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: justoneapi-weibo-tv-component Version: 1.0.0 The skill is a standard API wrapper for fetching Weibo TV video details via JustOneAPI. The execution logic in bin/run.mjs is straightforward, using the built-in fetch API to make requests to a legitimate endpoint (api.justoneapi.com) without any signs of obfuscation, unauthorized data access, or malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Someone with access to the same machine or relevant logs could potentially see and reuse the JustOneAPI token.
The token is expected for this API call, but passing it as a CLI argument can expose it locally through process listings or command recording while the helper runs.
node {baseDir}/bin/run.mjs --operation "tvComponentV1" --token "$JUST_ONE_API_TOKEN" --params-json '{"oid":"<oid>"}'Use this only on trusted systems, avoid sharing command logs, and prefer a future helper version that reads JUST_ONE_API_TOKEN directly from the environment or stdin instead of argv.