Back to skill
Skillv0.1.0
VirusTotal security
Stock Monitor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 4:21 AM
- Hash
- 3fa307fb3fc0775fa2a3e71b2c3241dec5bd2ea894a69ba2be9819f9c40cf213
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: stock-monitor-skill Version: 0.1.0 The skill bundle implements a stock monitoring and alerting system as described. The core Python scripts (`monitor.py`, `analyser.py`, `monitor_daemon.py`) make network requests to legitimate financial data providers (Eastmoney, Sina) to fetch public stock data, which is aligned with its stated purpose. The `control.sh` script provides standard daemon management (start, stop, status, log). There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized remote control, or persistence mechanisms beyond its function as a daemon. The `SKILL.md` and `README.md` do not contain prompt injection attempts. A minor vulnerability exists in `scripts/test_suite.py` with a hardcoded absolute path (`/home/wesley/...`), which is a bad practice for portability and could pose a risk if the test suite were run in a compromised environment, but this is a test script and not part of the operational skill's runtime, thus not indicative of malice.
- External report
- View on VirusTotal