Back to skill
Skillv1.0.1
VirusTotal security
Byted Market Insight Agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 21, 2026, 7:16 AM
- Hash
- 833f68db70547a79a843dc31c4a193cffc340c0567caafee7e0e3d7227523780
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: byted-market-insight-agent Version: 1.0.1 The skill bundle contains high-risk capabilities designed for automated environment configuration and dependency management. Specifically, `scripts/auth_resolver.py` automatically scans and parses sensitive user shell configuration files (e.g., `~/.bashrc`, `~/.zshrc`, `~/.profile`) to extract credentials and performs automated package installation via `pip install`. While these behaviors are documented in `SKILL.md` and `usage.md` as convenience features for the Volcengine Market Insight service, they involve intrusive file access and potential arbitrary code execution (via supply chain or local environment modification) which are characteristic of risky software patterns.
- External report
- View on VirusTotal