Back to skill
Skillv1.0.69
VirusTotal security
Vincent - Trading Engine · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:30 AM
- Hash
- 30bd3131c48ad8ab3841d8fa9afe81e7645249bf076676c82e795ee57dee627a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: vincent-trading-engine Version: 1.0.69 The Vincent Trading Engine skill bundle provides automated trading capabilities for Polymarket and HyperLiquid by wrapping the `@vincentai/cli` package. It requires access to sensitive wallet credentials (`agentwallet`) and utilizes shell execution (`Bash`) to perform financial transactions and manage trading strategies. While the functionality is extensively documented and aligned with its stated purpose, the combination of credential access, automated trading, and reliance on an external CLI fetched via `npx @latest` represents a high-risk profile. A minor anomaly is noted in `_meta.json` where the `publishedAt` date is set in February 2026, though no clear evidence of intentional malice or data exfiltration was found.
- External report
- View on VirusTotal