Back to skill
Skillv1.0.1
VirusTotal security
IEX Cloud CLI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:41 AM
- Hash
- 8e2d444bb361b878c6d27af6b0aa4883f95e2fadeaf446175d945eb07fab2197
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: iex-cloud Version: 1.0.1 The OpenClaw AgentSkills skill bundle for IEX Cloud is classified as benign. The `scripts/iex_cloud_cli.sh` script implements robust security controls, including strict whitelisting of trusted IEX API hosts (`cloud.iexapis.com`, `sandbox.iexapis.com`) for the base URL, preventing Server-Side Request Forgery (SSRF). It also performs strong input validation for `raw` API paths, rejecting full URLs, path traversal (`..`), and query string injection. Token handling is secure, relying on environment variables and passing tokens as URL-encoded query parameters. The `SKILL.md` and other documentation files consistently outline these security guardrails and do not contain any prompt injection attempts. Furthermore, the `scripts/validate_registry_metadata.py` script actively verifies the presence and enforcement of these security measures, indicating a deliberate secure design.
- External report
- View on VirusTotal