Back to skill
Skillv1.1.0
VirusTotal security
Ppt Afp · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 29, 2026, 6:32 AM
- Hash
- 1a891b487c0555438a436c213dbc5d32e024181cc8e760d994c1eaee35c7bc25
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: ppt-afp Version: 1.1.0 The skill bundle contains several high-risk configurations, most notably a hardcoded Feishu (Lark) user ID (ou_74c5a7816fcb78172bfca68a7f7449e8) in SKILL.md, which could result in data exfiltration if the skill is used by anyone other than the intended developer. Additionally, the execution commands explicitly disable SSL/TLS certificate validation (NODE_TLS_REJECT_UNAUTHORIZED=0), creating a significant security vulnerability. The skill also relies on specific local directory structures (e.g., '~/Desktop/二饼文件夹/') and external scripts that are not included in the bundle, suggesting it is a highly personalized or poorly generalized tool.
- External report
- View on VirusTotal