Back to skill
Skillv1.0.0
VirusTotal security
A Stock Watcher · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:20 AM
- Hash
- af1fefc2ab79d93a1db07b0ee8795b0ff72d229f557f1fe4ad91cfa1c0e6acc3
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: a-stock-watcher Version: 1.0.0 The skill bundle provides a comprehensive stock analysis and monitoring toolset, including technical indicators, portfolio optimization, and automated reporting. It is classified as suspicious primarily due to a hardcoded DingTalk user ID ('235135121537852951') found in 'auto_report.py' and 'notification.py'. This default configuration causes automated reports—which may contain sensitive information about a user's stock holdings, costs, and portfolio performance—to be sent to this specific ID by default. While the background monitoring threads in 'a_stock_watcher.py' and network requests to financial APIs (Tencent, Sina, EastMoney) are consistent with the stated purpose, the hardcoded notification target poses a significant data privacy risk.
- External report
- View on VirusTotal