Back to skill
Skillv1.1.1
VirusTotal security
Xpulse · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:55 AM
- Hash
- 754a7e50efc705f5ededff698893d5d807157f95e63fb5d9bf4708eecdf5b3d5
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: xpulse Version: 1.1.1 The Xpulse skill bundle is a legitimate tool designed for real-time social signal monitoring for prediction market traders. It implements a three-stage pipeline using DuckDuckGo for searching, a local Ollama (Qwen) instance for signal analysis, and the Kalshi API for position matching. The code follows security best practices, such as using a fail-closed design for its materiality gate, avoiding 'shell=True' in subprocess calls (scripts/xpulse.py), and directing sensitive API calls only to official endpoints (api.elections.kalshi.com). No evidence of data exfiltration, credential theft, or malicious prompt injection was found.
- External report
- View on VirusTotal