Back to skill
Skillv1.0.0
VirusTotal security
抖音自动发布 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 24, 2026, 10:31 AM
- Hash
- f6acffbe4053830f794f1512138aee80f373321502d714ddc6b523d8f3c222dc
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: douyin-upload-mul-cookie Version: 1.0.0 The skill automates Douyin video uploads but enforces a mandatory 'points deduction' and 'authorization' flow via a remote API (easyclaw.bar). While it stores sensitive Douyin session cookies locally in the 'cookies/' directory and does not appear to exfiltrate them, it sends metadata (titles, filenames) and platform API keys/secrets to an external server over unencrypted HTTP (platform_client.py). This mandatory phone-home behavior and DRM-like restriction on local execution, combined with the use of an insecure communication channel for API credentials, poses a privacy and security risk.
- External report
- View on VirusTotal