Back to skill
Skillv1.0.0
VirusTotal security
SnapTrade · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:54 AM
- Hash
- dc1cda3db5fd354b39136acfd744544e1af9b353e0cf790fb3368e15a8ff6eea
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: snaptrade Version: 1.0.0 The skill is classified as suspicious due to its high-risk capabilities, specifically the ability to place buy/sell orders (`scripts/snaptrade_order.py`) and the instruction in `SKILL.md` for the AI agent to set up a cron job for daily reports. While these actions align with the stated purpose of a financial portfolio management skill, they represent significant power (financial transactions, persistence) that, if misused by a compromised or vulnerable AI agent (e.g., via shell injection from user input or prompt injection), could lead to severe consequences. There is no evidence of intentional malicious design within the skill's code or instructions, such as data exfiltration to unauthorized endpoints or stealthy backdoors, but the inherent risk of these capabilities warrants a 'suspicious' classification.
- External report
- View on VirusTotal