ClawHub

Akshare Finance

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing the skill may install or use external Python packages that are not fully reviewed in these artifacts.

Why it was flagged

The skill depends on external Python packages with lower-bound version constraints. This is expected for an AKShare wrapper, but it means installation relies on package supply-chain trust rather than fully bundled code.

Skill content
"requires": { "pip": ["akshare>=1.12", "pandas>=1.5"] }
Recommendation

Install from trusted package indexes, consider pinning known-good versions, and review AKShare/pandas provenance if using this in a sensitive environment.