Back to skill
Skillv1.0.0
VirusTotal security
eToro Trading API · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:49 AM
- Hash
- 1e239bc2e017a966515a250290af6aefa59ff12a12fa54d4063a55f971f360b5
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: etoro-trading-api Version: 1.0.0 This skill is classified as suspicious due to its inherent high-risk capabilities. The `SKILL.md` explicitly defines tools for real financial trading execution (e.g., `open_position_by_amount`, `close_position`) and instructs the AI agent to default to 'real' trading mode. While there is no evidence of intentional malicious behavior from the skill developer (e.g., data exfiltration, backdoors), the direct access to financial transactions and the default to real mode present a critical vulnerability. A compromised or prompt-injected agent could be manipulated to perform unauthorized financial operations, leading to significant financial loss. The requirement for `curl` and `python3` also grants the agent access to powerful system tools.
- External report
- View on VirusTotal