openclaw-stock-skill

Warn

Audited by Socket on May 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s stock-data capabilities and required API key are broadly consistent with its stated purpose, and the documented network targets match the claimed service. However, trust is weakened by installation from a personal GitHub repo via transitive skill installation, with no clear same-org provenance tying the repo to OpenClaw or diemeng.chat. The overall footprint is coherent but not well-verified, so this is better classified as suspicious than benign.

Confidence: 87%Severity: 58%
Audit Metadata
Analyzed At
May 20, 2026, 03:21 PM
Package URL
pkg:socket/skills-sh/1018466411%2Fopenclaw-stock-data-skill%2Fopenclaw-stock-skill%2F@180c6f20957df89bedd803e259052694e0522229
Security Audit — socket — openclaw-stock-skill