Back to skill
Skillv1.0.4
VirusTotal security
DeepTrip · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 12, 2026, 3:11 AM
- Hash
- dd1e5815c64e26742e0bc62ec927a8e5c27ea08c1971775822148b2f40bf6283
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: tc-deeptrip Version: 1.0.4 The skill is a legitimate travel assistant integration for Tongcheng Travel (ly.com). The Python script `scripts/query.py` is a straightforward API wrapper that sends user queries to the official endpoint `https://dtgw.ly.com/deeptrip/claw/chat` and includes good security practices, such as setting restrictive file permissions (0o600) when saving API keys to `config.json`. While `SKILL.md` contains strong instructions for the agent to prompt users to log in via a WeChat OAuth link, this is aligned with the stated purpose of providing a personalized travel booking experience and does not exhibit signs of data exfiltration, malicious execution, or prompt injection intended to subvert the agent's security.
- External report
- View on VirusTotal