Back to skill
Skillv1.0.1
VirusTotal security
Crypto Market Analysis · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:06 AM
- Hash
- bc40f06f02b231a3deb2bb6e7cec46f23841b4a38d94c22539d2eb9bcec2818a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: crypto-market-analysis Version: 1.0.1 The skill bundle contains high-risk behaviors in 'main_analysis.py', specifically a hardcoded local file path ('E:\anaconda\python.exe') and a function that automatically executes 'pip install' to fetch and install external dependencies (TA-Lib). While these actions are plausibly intended for environment setup, the use of subprocess to modify the host system and the reliance on a specific local environment path are significant security risks and lack the portability expected of a benign skill. No clear evidence of intentional data exfiltration or malicious prompt injection was found.
- External report
- View on VirusTotal