Back to skill
Skillv1.0.0
VirusTotal security
Video Editing With Gopro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 21, 2026, 10:21 AM
- Hash
- 141e9598f2973392dd4ad032401fcdf75f2fd6e4752cec31e0c70e8173d844d8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: video-editing-with-gopro Version: 1.0.0 The skill facilitates cloud-based video editing by connecting to a third-party API (mega-api-prod.nemovideo.ai). It instructs the agent to automatically provision anonymous authentication tokens, upload user-provided video files to remote servers, and perform environment fingerprinting by detecting its installation path (e.g., ~/.cursor/skills/) for platform attribution. While these capabilities are aligned with the stated purpose of the skill, the combination of outbound network communication, file exfiltration to a third-party service, and local directory discovery constitutes high-risk behavior under the provided security criteria. No clear evidence of intentional malice or unauthorized theft of sensitive credentials (like SSH or AWS keys) was found in SKILL.md or _meta.json.
- External report
- View on VirusTotal