Back to skill
Skillv1.1.0
VirusTotal security
EdStem · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:05 AM
- Hash
- 9135e7b200e938a1f641b5e29d88786d86c664d49ade2a2af2fdad409fe02125
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: edstem Version: 1.1.0 The skill bundle is classified as suspicious due to the presence of a hardcoded EdStem API bearer token (`ED_TOKEN = "dptT0u.adkdSAKHoFQpttiLLmuxaJRqxekDmNMIxaYZgLUn"`) in both `scripts/fetch-edstem.sh` and `scripts/fetch-edstem.py`. While the documentation (SKILL.md, README.md, PUBLISHING.md) instructs users to replace this token with their own and acknowledges it as a security concern, its inclusion in a published skill bundle constitutes a critical vulnerability, potentially exposing the skill owner's EdStem account if the token is active. All network calls are directed to the legitimate EdStem API, and there is no evidence of malicious intent such as data exfiltration to unauthorized endpoints, persistence mechanisms, or prompt injection attempts designed to subvert the agent's core function beyond its stated purpose.
- External report
- View on VirusTotal