Back to skill
Skillv1.0.0
VirusTotal security
Stock Daily Analysis · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:23 AM
- Hash
- 57a79dddaa413d96e18713186d2e6e9505fea370f405f760018714dc31862de4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: stock-daily-analysis Version: 1.0.0 The skill bundle contains risky operational behaviors, specifically in `scripts/setup.sh` and `scripts/update.sh`, which clone and execute code from an external GitHub repository (ZhuLinsen/daily_stock_analysis), creating a supply chain vulnerability. Additionally, `scripts/market_data_bridge.py` uses `subprocess.run` to execute Python scripts based on configurable paths, which could lead to arbitrary code execution if the environment is misconfigured. While these features appear intended to support the skill's functionality as a wrapper, the execution of unverified external code is a high-risk behavior.
- External report
- View on VirusTotal