Back to skill
Skillv1.0.0
VirusTotal security
golden-rule · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:20 AM
- Hash
- 1a3476e0b200b6ec93f59fc8ba11e853a3f7e09f0be764a62d39defa1c2a244d
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: golden-rule Version: 1.0.0 The skill implements an Instagram engagement bot using the Meta Graph API and requires sensitive credentials (IG_ACCESS_TOKEN). It is classified as suspicious due to the use of os.system for shell execution in ig_golden_hour.py, which is a high-risk practice (potential shell injection vector), and the inclusion of hardcoded strings ('Mock Trading DM') that do not align with the script's dynamic parameters, suggesting potential copy-paste from other contexts or unintended behavior.
- External report
- View on VirusTotal