Back to skill
Skillv1.0.4
VirusTotal security
Downloader tiktok videos · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:38 AM
- Hash
- 8b6255bab72f75ad883aee98f837878412ac076e78350f0886e0bfdc291b5225
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: downloader-tiktok-videos Version: 1.0.4 The skill is classified as suspicious due to its instructions for system-wide package installations (`pip install --break-system-packages`, `apt-get install ffmpeg -y`) in `SKILL.md` and `advanced.md`, which modify the host environment. Furthermore, the skill explicitly handles and provides commands for exporting sensitive browser session cookies (`--cookies-from-browser`) in `download_latest.py` and `advanced.md`. While the script includes warnings about cookie security and uses `subprocess.run` securely to prevent direct shell injection, exposing these capabilities to an AI agent, even with benign intent, presents a significant risk for misuse via prompt injection or unintended data exposure.
- External report
- View on VirusTotal