Back to skill
Skillv1.0.1
VirusTotal security
Traditional Chinese Dictionary · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 29, 2026, 4:06 AM
- Hash
- ca7d25ec296854bd9d00201eef0ad5102a61b69281ca20fd44b1b85cac494324
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: tc-dict Version: 1.0.1 This skill is classified as benign. It transparently downloads dictionary data from a specified external source (MOE Taiwan) and stores it locally. The code demonstrates good security practices, including explicit Zip-Slip protection in `scripts/download_dictionary.py` to prevent directory traversal attacks during extraction, and uses TLS verification for all HTTPS connections. File operations are confined to a user-isolated directory (`~/.openclaw/dictionaries/`). There is no evidence of intentional malicious behavior, data exfiltration, or prompt injection attempts against the agent in the code or documentation. The primary remaining risk is a supply chain compromise of the MOE download server, which is an external factor, and the skill's internal security measures mitigate common attack vectors associated with file downloads.
- External report
- View on VirusTotal