Skill v1.0.0

ClawScan security

stock-dividend · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 17, 2026, 3:35 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches its stated purpose (dividend analysis via AISA) but has small inconsistencies that could be abused or cause surprises—most notably it reads undocumented environment variables (AISA_BASE_URL, AISA_MODEL) and relies on an external LLM client with an overrideable endpoint.
Guidance
This skill appears to do what it says (dividend analysis via an AISA model) and only requires a single API key (AISA_API_KEY). Before installing:

- Verify the AISA API host: the script defaults to https://api.aisa.one/v1 but also reads AISA_BASE_URL (not declared). Do not set AISA_BASE_URL to unknown hosts; if you inherit this skill, inspect the code and keep the base URL pointed to the official provider.
- Note that AISA_MODEL can be overridden via the environment; confirm which model you want used and that it is trustworthy.
- The script uses the openai Python client (commented dependency). Ensure dependencies are installed from trusted sources and run the skill in an isolated environment if you have concerns.
- The skill's prompts instruct the model to fetch live financial data; understand that live-data retrieval will be performed by your AISA account and may involve remote queries through that service.
- If you require stronger guarantees, request that the author declare AISA_BASE_URL and AISA_MODEL in the skill metadata and document their intended values, or remove the override capability.

If you can't confirm the base URL and model provenance, treat this as potentially risky and consider running the code in a sandbox or rejecting installation.

Review Dimensions

Purpose & Capability
ok
Name/description align with the code: the Python script performs dividend analysis and calls an LLM-style AISA API using an API key (AISA_API_KEY). The required binary (python3) is appropriate, and the script's behavior (prompting a model to fetch live financial data) matches the declared capability.
Instruction Scope
concern
SKILL.md instructs running the bundled Python script as the runtime. The script does not access local secrets or files, but it embeds prompts that instruct the model to 'fetch live data' with 'built-in financial data tools' (relying on the external AISA tool integration). The script also reads environment variables (AISA_BASE_URL, AISA_MODEL) that are not declared in SKILL.md/metadata, which is an out-of-band control over where requests go and which model is used.
Install Mechanism
ok
This is instruction-only with no install spec (lowest risk). There is a commented dependency on the openai Python package in the script header, but no installer is invoked by the skill itself. That means failures may occur if the runtime doesn't provide the dependency, but there is no automatic download of arbitrary code.
Credentials
concern
The declared required credential (AISA_API_KEY) is appropriate. However, the script consumes additional environment variables (AISA_BASE_URL and AISA_MODEL) that are not declared as required. AISA_BASE_URL in particular can redirect requests to an arbitrary endpoint, which could be used to exfiltrate prompt/data if set maliciously. The number of required secrets is small, but the undocumented overrideable endpoint is a proportionality concern.
Persistence & Privilege
ok
The skill is not always-enabled and is user-invocable. It does not request persistent system presence or modify other skills/config. No elevated privileges are requested.