Back to skill
Skillv1.0.0
VirusTotal security
eToro API · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 4:28 AM
- Hash
- 7d75f8d0209409260cda873506f69a7e1838d0e58cd566f602a2f55042296d92
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: etoro-api Version: 1.0.0 The skill provides programmatic access to the eToro API, enabling actions such as executing real financial trades, accessing portfolio data, and managing watchlists. While the documentation in `SKILL.md` is clean and does not contain explicit prompt injection attempts or malicious instructions (e.g., data exfiltration to unauthorized endpoints, backdoors, or arbitrary command execution), the inherent capability to perform financial transactions with real money and access sensitive financial data makes this skill high-risk. This falls under 'risky capabilities without clear malicious intent', warranting a 'suspicious' classification due to the significant potential for financial loss or misuse if the agent is compromised or misconfigured, even if the skill itself is designed for a legitimate purpose.
- External report
- View on VirusTotal