Back to skill
Skillv1.0.0
VirusTotal security
Auto Video Analyzer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:06 AM
- Hash
- 95bbab1a4901f8e98f5a0430046162942259357c2f20fe63a2d7660fe201f9c1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: auto-video-analyzer Version: 1.0.0 The skill implements a 'download-and-execute' pattern in SKILL.md, instructing the AI agent to fetch and run external PowerShell or Bash scripts from a GitHub repository (raw.githubusercontent.com/shishenbaiye/auto-video-analyzer) based on the host OS. While the stated purpose is video analysis via FFmpeg, executing unverified remote code at runtime is a significant security risk (RCE) because the remote scripts can be modified independently of the skill bundle. No explicit evidence of malicious intent was found in the provided text, but the mechanism itself is high-risk.
- External report
- View on VirusTotal