Back to skill
Skillv1.0.1
VirusTotal security
baidunetdisk · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:05 AM
- Hash
- 48c552923fb01a6ffc7fec5cc6b16d6b7996d338d7203e7da0cbcc6967b11a17
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: baidunetdisk-skill Version: 1.0.1 The skill is designed to interact with Baidu Netdisk via its official API, supporting file management operations like listing, searching, sharing, transferring, creating, renaming, moving, and deleting files. The `SKILL.md` and `README.md` are transparent about the requirement for sensitive BDUSS and STOKEN credentials, explicitly warning users about the full access these provide and recommending secure handling (environment variables, test accounts). The `scripts/main.py` code uses the `requests` library to communicate solely with `pan.baidu.com` endpoints, with no evidence of data exfiltration to unauthorized third parties, arbitrary command execution, obfuscation, or malicious prompt injection attempts against the OpenClaw agent. The `skill.json` correctly marks credentials as `secret: true`. The functionality aligns with the stated purpose, and the security warnings are responsible disclosures of inherent risks, not indicators of malice.
- External report
- View on VirusTotal