yahooquery
ReviewAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only Yahoo Finance data skill, with noteworthy but disclosed optional use of Yahoo Premium credentials.
This skill appears safe for its stated purpose of retrieving Yahoo Finance data. Before installing or using it, verify the yahooquery package source/version, provide Yahoo Premium credentials only when you actually need premium features, and avoid insecure network options such as disabling TLS verification.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you use premium features, the agent may handle your Yahoo account login details for Yahoo Finance data access.
The skill documents optional Yahoo Finance Premium username/password use. This is aligned with accessing premium Yahoo Finance research, but it involves sensitive account credentials.
r = Research(username='you@email.com', password='password')
Only provide Yahoo Premium credentials when explicitly needed, avoid hardcoding real passwords in shared notebooks or prompts, and prefer environment variables or a secrets manager if available.
You may need to rely on an external Python package whose source and version are not pinned by this skill.
The skill depends on external yahooquery usage but does not provide package provenance or an install specification. The artifacts do not auto-install anything, so this is a provenance note rather than a concern.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install yahooquery only from a trusted package source, review the package/version you use, and avoid letting the agent install arbitrary packages without confirmation.
Using unsafe proxy settings or disabling certificate verification could expose finance queries or login traffic to interception.
The reference documentation exposes optional network controls, including proxy routing and disabling TLS certificate verification. These are standard library options, not default behavior, but misuse could weaken connection security.
proxies={'http': 'http://proxy:port'} ... verify=FalseLeave TLS verification enabled unless you have a specific trusted reason, and only use proxies you control or trust.