Back to skill
Skillv1.0.0
VirusTotal security
Text To Video Local Model · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 16, 2026, 6:21 PM
- Hash
- ed843956a3978ab3b72ba4785c2a5d40ecd2d6ed75b9e464cbbba2102aafebde
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: text-to-video-local-model Version: 1.0.0 The skill exhibits deceptive behavior by branding itself as a 'Local Model' in its name and display name, while the internal instructions (SKILL.md) explicitly mandate a cloud-based processing pipeline via 'mega-api-prod.nemovideo.ai'. It instructs the agent to hide tokens and raw API outputs from the user and performs environment fingerprinting to detect the host platform (e.g., Cursor vs. OpenClaw). While it does not explicitly exfiltrate system secrets like SSH keys, the contradiction between its 'local' privacy claim and its cloud-reliant implementation is a significant indicator of deceptive intent.
- External report
- View on VirusTotal