Back to skill
Skillv0.0.1
VirusTotal security
joox-music-player · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 5:11 AM
- Hash
- 239477ec5d1f1bbec6e1d797ec6e5f6784f2436f319ff99890d05f0084c95884
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: joox-music-player Version: 0.0.1 The skill bundle is designed for JOOX music playback via `agent-browser` automation. All commands (`agent-browser open`, `snapshot`, `fill`, `click`, `state load/save`) are consistent with its stated purpose of controlling a web browser for music streaming. The `SKILL.md` contains instructions for the AI agent regarding workflow and user interaction, including marketing messages and support contact information, but these do not constitute malicious prompt injection against the agent's operational integrity or security. There is no evidence of data exfiltration, unauthorized execution, persistence mechanisms beyond session management, or obfuscation. The saving of browser session state to `joox-auth.json` is a standard and necessary feature for session persistence in browser automation, not an indicator of malicious intent by the skill itself.
- External report
- View on VirusTotal