Skill v1.1.0
ClawScan security
stock watch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 12, 2026, 2:51 AM)
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions are consistent with its stated purpose: it queries Eastmoney search/quote APIs to get real-time prices and manages a local Markdown watchlist, without requesting unrelated credentials or installing third-party binaries.
- Guidance: This skill appears coherent and limited in scope, but review these practical points before installing:
  - Network calls: the script queries third-party Eastmoney endpoints to resolve names and fetch quotes. Do not put secrets or sensitive content into queries or the watchlist file if you are concerned about outbound data.
  - Local file safety: by default the script only allows watchlist files inside the current working directory; you can expand allowed roots via STOCK_WATCHLIST_ALLOWED_ROOTS, but only add directories you trust. The code enforces Markdown extensions and marker comments.
  - Dependencies: ensure you run it in a Python environment with the 'requests' package installed. Review the included scripts if you need stronger guarantees (they are provided in the repo).
  - Hard-coded token: the code contains a hard-coded SEARCH_TOKEN constant for the Eastmoney search API; this is expected for the current implementation but is not a secret coming from you.
  - Autonomous invocation: the skill is user-invocable and not set to always:true. The platform may allow autonomous invocation by default; if you are worried about automatic runs, check platform controls for skill invocation.

  If you want higher assurance, inspect the full scripts (they are included) or run them in an isolated environment where network/file access can be monitored.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code and SKILL.md: the Python script queries Eastmoney search/quote endpoints and implements watchlist management in Markdown. There are no unexpected credentials, cloud APIs, or unrelated binaries requested.
- Instruction Scope (ok): SKILL.md instructs running the included scripts for search/quote/watchlist operations and explicitly limits watchlist files to Markdown in the workspace (or explicit safe roots). The instructions and tests align with the code. Note: the scripts perform outbound network requests to third-party Eastmoney endpoints (searchapi.eastmoney.com and push2.eastmoney.com), which is expected for fetching quotes.
- Install Mechanism (ok): No install spec is provided (instruction + code files only). The code depends on the Python 'requests' package but doesn't download or install external code during install; no remote archive downloads or untrusted installers are used.
- Credentials (ok): The skill does not require credentials or secrets. It reads one optional environment variable (STOCK_WATCHLIST_ALLOWED_ROOTS) to permit watchlist files outside the current working directory; this is proportionate to the documented behavior. No other env vars or sensitive config paths are accessed.
- Persistence & Privilege (ok): The skill is not set to always:true and does not request system-wide persistence or modify other skills' configs. It writes only to the specified watchlist Markdown file (and respects marker comments) and enforces path restrictions in code/tests.
