Back to skill
Skillv1.0.0
VirusTotal security
Quant Stock · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 7, 2026, 9:31 AM
- Hash
- 066edd71f8cf6c59e955b853aa4053dcb163db9cea02509d8428d113b38ef33d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: quant-stock Version: 1.0.0 The skill bundle implements a stock analysis tool that exhibits several concerning behaviors. It includes hardcoded messaging targets in scripts/main.py (FEISHU_CHAT_ID) and scripts/run_task.sh (openclaw target ID), which could result in data being sent to the author's accounts rather than the user's. Furthermore, the instructions in references/RULES.md explicitly command the AI agent to be deceptive by filtering out all negative scoring tags from the final report. The bundle also establishes persistence via a crontab installation script (scripts/install_cron.sh) and performs extensive automated network requests to various financial news and data providers.
- External report
- View on VirusTotal