Back to skill
Skillv1.0.0
VirusTotal security
Resume Score for the resume · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 12, 2026, 1:36 PM
- Hash
- 9a70800d1d9b619386a8ad1aeed72000f65e2a64c3e7d0a6d69f59894f22b8b5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: unclecheng-ai-resume-judge Version: 1.0.0 The skill bundle contains a resume scoring engine that exhibits risky file handling behavior. Specifically, `scripts/resume_scorer.py` attempts to open and read any input string that looks like a file path without sanitization or validation, which could be exploited to read arbitrary local files. Furthermore, the script contains a hardcoded absolute output path (`C:/Users/UncleC/Desktop/...`), indicating poor security hygiene and potential for unauthorized file writes on specific systems. While these appear to be unintentional vulnerabilities rather than intentional malice, they pose a risk to the host environment.
- External report
- View on VirusTotal