Back to skill
Skillv1.0.0
VirusTotal security
Baidu Image Classify · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 11, 2026, 9:56 AM
- Hash
- 676062018eb4fa64b082b2b26a1bc352d39a05960f4f3ba198545dcaa0e44215
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: baidu-image-classify Version: 1.0.0 The skill bundle contains code in SKILL.md that performs high-risk operations, such as reading arbitrary local files and making network requests based on unsanitized user input (image_path), which could lead to Local File Inclusion (LFI) or Server-Side Request Forgery (SSRF). Additionally, it includes a hardcoded Baidu Cloud API key (bce-v3/ALTAK-...), which is a significant security risk and credential leak.
- External report
- View on VirusTotal