Back to skill
Skillv1.2.0
VirusTotal security
Kim Msg Skill · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:41 AM
- Hash
- 2cb1c9f32412d1201f1663c8669bd889860d1c4d9233767dbbdc36e2764e93b7
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: kim-msg Version: 1.2.0 The kim-msg skill is a legitimate tool designed to send messages via the Kuaishou Kim IM platform using Webhooks or the Message Number API. The scripts (send.sh, webhook.sh, and message.js) implement a credential-loading mechanism that checks environment variables and local configuration files (e.g., ~/.openclaw/.secrets) specifically for its own required keys (KIM_APPKEY, KIM_SECRET, KIM_WEBHOOK_TOKEN). All network communication is directed to official Kuaishou domains (corp.kuaishou.com and kwaitalk.com), and the code contains no evidence of data exfiltration, malicious execution, or prompt injection.
- External report
- View on VirusTotal