Back to skill
Skillv1.0.0
VirusTotal security
Near Dca · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:34 AM
- Hash
- e4e204b1e8a090dfaa1558877808b63310197ac9671d91cd8f2e5595b5996acf
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: near-dca Version: 1.0.0 The skill is classified as suspicious due to its core functionality requiring direct handling of a user's blockchain private key for executing financial transactions (DCA purchases) in `actions/index.js` and `src/dca-manager.js`. While this capability is plausibly needed for the stated purpose of automating NEAR token purchases and the `README.md` advises secure storage, the direct use of such a high-value credential constitutes a significant inherent risk. There is no evidence of intentional malicious behavior like exfiltration or unauthorized use, nor any prompt injection attempts in the documentation.
- External report
- View on VirusTotal