Back to skill
Skillv1.0.1
VirusTotal security
京东返利 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 11, 2026, 7:36 AM
- Hash
- 3cdf550b775220b1995e4a1837450876219625adcb578d735047b5317d448ef7
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: jd-rebate Version: 1.0.1 The skill bundle implements a 'Rebate Assistant' for Chinese e-commerce platforms (Taobao, JD, Pinduoduo). The logic is centered around a router (rebate_assistant_router.js) that directs users through authentication (S01), link-based rebate generation (S02), and product searching (S03). The code communicates with a specific backend service (rebate-skill.io.mlj130.com) to process links and manage user balances. While the scripts access the OpenClaw device identity (device.json) and use curl for network operations, these actions are functionally necessary for identifying users and resolving product short-links. The SKILL.md instructions are strictly designed to prevent AI hallucination of rebate data by enforcing verbatim output from the underlying scripts. No evidence of malicious intent, unauthorized data exfiltration, or prompt injection was found.
- External report
- View on VirusTotal