Back to skill
Skillv1.0.0
VirusTotal security
AI RecSys Weekly Report · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 19, 2026, 10:06 AM
- Hash
- b722112e7bc7ec9c1c940a9391205f04eff274a198d81b77986b193a4a04017a
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: ai-recsys-weekly-report Version: 1.0.0 The skill bundle automates the generation of technical reports on AI recommendation systems and their synchronization with the Tencent IMA platform. The core logic in `scripts/upload-to-ima.py` manages a standard three-step upload process (media creation, COS upload, and knowledge base association) using the legitimate `ima.qq.com` API. While the skill reads credentials from a local config file (`~/.config/ima/`) and executes Node.js via `subprocess.run`, these actions are clearly aligned with the stated purpose of the tool. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; the hardcoded environment-specific paths (e.g., for Node.js) appear to be usability flaws rather than intentional vulnerabilities.
- External report
- View on VirusTotal