Back to skill
Skillv1.0.0
VirusTotal security
Quant · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 28, 2026, 5:25 AM
- Hash
- 04d00216cff3e9cfa9d26b9b8cebaa7463a45dcbd3a60dc8eccaebbcd7cba52f
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: quant Version: 1.0.0 The skill provides quantitative trading functionality, including data retrieval from Tushare/Akshare and factor analysis in lib/data.py and lib/alpha_stream.py. It is classified as suspicious because it utilizes high-risk capabilities such as network access and file system interaction, and the SKILL.md file contains prompt-injection instructions designed to autonomously direct the agent's workflow ('I will immediately create...'), which attempts to bypass user control. Additionally, the mention of an automated installation command ('quant install') and discrepancies between the documented directory structure and the provided files suggest potential for unverified code execution.
- External report
- View on VirusTotal