Back to skill
Skillv1.0.0
VirusTotal security
视频日语字幕 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 25, 2026, 11:06 AM
- Hash
- ec9d015a2ca1fb6ddac05bd7ff2be1827a56f3f6353b9fa20879de29f1526a43
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: video-japanese-subtitle Version: 1.0.0 The skill bundle contains several high-risk coding practices and hardcoded sensitive information in `scripts/subtitle_translate.py`. Specifically, it includes a hardcoded API token (`QCLAW_TOKEN`) and multiple absolute file paths (e.g., `D:\Users\liket\Desktop\000`) that point to a specific user's environment, making the script non-portable and potentially exposing local directory structures. While the logic appears aligned with the stated purpose of video translation, the inclusion of hardcoded credentials and the reliance on specific local paths are significant security vulnerabilities.
- External report
- View on VirusTotal