Back to skill
Skillv1.0.0
VirusTotal security
Duola Quant Copy Engine · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 5:08 AM
- Hash
- 8848bc0cc72a959d78888446ad5f6ca2be530fb7485db811f957d3bde6e81a81
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: duola-quant-copy-engine Version: 1.0.0 The skill bundle provides instructions for an AI agent to install and operate a crypto trading CLI tool (`duola`) for Polymarket. High-risk behaviors include the global installation of an external npm package, the handling of sensitive cryptocurrency private keys via stdin, and integration with an external billing service (skillpay.me). While SKILL.md includes operational safeguards like backtesting and diagnostic checks, the inherent risks associated with automated financial secret management and external code execution justify a suspicious classification.
- External report
- View on VirusTotal