Back to skill
Skillv1.0.0
VirusTotal security
Reddit VOC Lobster Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:18 AM
- Hash
- 22d830b3cc6ed1e04afbac857624ad92ed4fcd0f34dab334b0c1f780a1bd424e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: reddit-voc-lobster-pro Version: 1.0.0 The skill contains hardcoded sensitive credentials in 'dinoho_voc_engine.py', including a Cloudflare API token, Cloudflare Account ID, and Feishu (Lark) Bitable tokens. It also uses 'subprocess.run' with 'shell=True' to execute deployment commands via Wrangler, which is a significant security risk. While the script appears to perform its stated function of generating marketing reports, the exposure of secrets and insecure execution patterns are high-risk vulnerabilities.
- External report
- View on VirusTotal