VirusTotal 样本查询
v1.8.1根据用户提供的哈希值,自动查询并格式化输出VirusTotal样本的检测统计、家族标签、沙箱分析及关键信息报告。
⭐ 1· 332·0 current·0 all-time
byLing@lingggao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the SKILL.md: it queries VirusTotal for a provided hash and formats detection, family, behavior and community data. However, the SKILL.md expects browser automation as a fallback yet the skill declares no required binaries, install steps, or platform capability checks — a minor incoherence (the skill assumes the host agent already provides browser automation tooling).
Instruction Scope
Instructions stay within the stated purpose: fetch Detection/Details/Relations/Behavior/Community from VirusTotal (via API if key provided, otherwise via automated scraping of the GUI). The skill explicitly forbids downloading samples, logging in, using cookies, reading unrelated system files, or storing the API key — those constraints reduce scope creep. The instruction to re-query the GUI page on each invocation and to parse JSON embedded in pages is expected for scraping but gives the agent broad discretion in how it interacts with the remote page.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself. That is low risk. The one caveat: browser automation is referenced but not installed or declared — the skill relies on the platform providing automation tools.
Credentials
The skill does not request environment variables or stored credentials from the registry. It legitimately asks the user to provide their VirusTotal API key as an optional input for the API-based path. This is proportional to the functionality. The SKILL.md also instructs the agent not to persist the API key or transmit it outside VirusTotal, which is appropriate, though enforcement depends on the host agent implementation.
Persistence & Privilege
always is false and the skill does not request permanent system presence or elevated privileges. It does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not combined with other concerning flags.
Assessment
This skill appears to do what it says: query VirusTotal for a hash and format the result. Before installing, consider: 1) The skill assumes your agent environment can perform browser automation (Playwright/Selenium-like tooling) but it doesn't declare or install such tools — verify your environment supports that or provide a VirusTotal API key instead. 2) Only provide your VirusTotal API key if you trust the skill and the agent host; prefer entering it interactively and avoid storing it in persistent skill settings. 3) The skill forbids downloading samples or logging in, but the agent will be performing web requests and scraping; review your platform's logs/privacy policy to ensure keys or query data won't be retained. 4) Be mindful of legal/rate-limit warnings in the SKILL.md (it asks to warn users after many rapid queries). If you need higher assurance, ask the author for a mechanism that explicitly uses the official API only (no scraping) and documents how the key is handled.Like a lobster shell, security has layers — review code before you run it.
VirusTotalvk9789zynch0mbjb77jdwqkbtc583tc9hlatestvk9789zynch0mbjb77jdwqkbtc583tc9h
License
MIT-0
Free to use, modify, and redistribute. No attribution required.