Back to skill
Skillv0.1.0
VirusTotal security
Dx Terminal Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:35 AM
- Hash
- ed15a01c14e0a112ec51c72ee4a7f14034749516edce585f424f95fdec0c90b8
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: dx-terminal-pro-skill Version: 0.1.0 The skill is classified as suspicious due to its direct execution of shell commands (`cast`, `curl`, `jq`) and handling of a sensitive `DX_TERMINAL_PRIVATE_KEY` for on-chain transactions, as defined in `SKILL.md`. While the actions align with the stated purpose of managing a trading agent, the command templates are highly susceptible to shell injection vulnerabilities if the AI agent substitutes user-provided input (e.g., strategy strings, amounts) without proper sanitization. There is no evidence of intentional malicious behavior such as unauthorized data exfiltration or backdoor installation, but the inherent risk of command injection makes it a significant security concern.
- External report
- View on VirusTotal