Back to skill
Skillv1.0.3
VirusTotal security
Crypto Executor Optimizer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:52 AM
- Hash
- eb3ddb54d80a4044cef55f2c1c6672b06ff504c5d0c03c3018b7924e30016732
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crypto-executor-optimizer Version: 1.0.3 The skill exhibits a significant supply chain vulnerability by downloading `executor.py` and `crypto_oracle.py` from the `main` branches of external GitHub repositories (`raw.githubusercontent.com/georges91560/crypto-executor/main/executor.py` and `raw.githubusercontent.com/georges91560/crypto-sniper-oracle/main/crypto_oracle.py`) in `setup_binance_20euros.sh`. This allows for remote code execution if the upstream repositories are compromised, as the downloaded code is not pinned to a specific commit and can change at any time. While the `SKILL.md` explicitly warns the user to 'Audit code before running', this design choice introduces a critical risk. Other aspects, such as `sudo` usage, cron job installation, and credential handling (chmod 600 for `bot_config.env`), are declared and appear aligned with the stated purpose, and the prompt injection surface in `SKILL.md` includes explicit prohibitions against malicious actions.
- External report
- View on VirusTotal