Back to skill
Skillv1.0.1
VirusTotal security
audioclaw-skills-voice-reply · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 6:33 AM
- Hash
- de11622f3379dc0c624165caf890c5bed11d09b7c11837662d4abd878e41ce65
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: audioclaw-skills-voice-reply Version: 1.0.1 The skill bundle provides advanced TTS routing and Feishu/Lark integration but contains several high-risk behaviors. The script `feishu_audio_sender.py` reads sensitive Feishu app credentials from the filesystem and scrapes workspace session logs (`.jsonl` files) to infer chat IDs, which involves broad file access. Additionally, `SKILL.md` and `agents/openai.yaml` use prompt-steering instructions to force the agent to default to a specific hardcoded clone voice ID (`vc-yxdCFUKyNLPexxJ66jaXWk`) and bypass standard tool execution paths, which could be used to influence agent behavior non-transparently.
- External report
- View on VirusTotal