Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
my_stock_report_skill
v1.0.4当且仅当用户明确提到使用报告引擎、分析引擎、股票引擎、report engine 或者 my_stock_report_skill 时触发。用于调用 Python 分析引擎对特定美股标的进行多维度深度分析,支持指定分析师组合,并将结论和报告归档至钉钉多维表。
⭐ 0· 84·0 current·0 all-time
by@canonxu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description claim: run a Python analysis engine for US stocks and archive results to DingTalk multi-dimensional table. The SKILL.md indeed constructs a run_cli.py command, reads reports/ files, and uploads to DingTalk and a management skill—so behavior broadly matches the stated purpose. However, the skill assumes access to DingTalk (API calls) and to two other skills ('dingtalk-document' and 'my_stock_report_mgnt_skill') without declaring those dependencies or any required credentials. It also hard-codes Workspace ID and parent nodeId, which may be organization-specific and should be documented.
Instruction Scope
Instructions tell the agent to execute a local Python script (./venv/bin/python3 run_cli.py) and to read specific local files (reports/decision.txt, reports/complete_report.md) — this is consistent with analysis. But instructions also show direct POST calls to api.dingtalk.com with an operatorId placeholder and explicitly instruct use of other skills for document creation and multi-dim table writes. The SKILL.md references OPERATOR_ID in an API call yet does not declare it or any auth method. That gap means the skill expects credentials or cross-skill auth that are not specified, and it causes external transmission of report contents to DingTalk.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes risk from arbitrary downloads or install-time execution. The skill does require a local run_cli.py and a Python venv to already exist; that requirement is runtime (not install-time) and should be validated by the user.
Credentials
requires.env is empty but the instructions reference OPERATOR_ID and perform authenticated POSTs to DingTalk. The skill also implicitly depends on credentials/authorization for 'dingtalk-document' and 'my_stock_report_mgnt_skill' (not listed). This is a proportionality mismatch: uploading reports to an external service normally requires tokens/IDs (e.g., DingTalk app token, operator id), and those are not declared or explained.
Persistence & Privilege
always is false and the skill does not request permanent inclusion or to modify other skills or agent-wide settings. It reads local files and calls external APIs but does not request elevated platform privileges in the manifest.
What to consider before installing
Before installing or enabling this skill, verify the following:
1) Confirm where run_cli.py and the Python virtual environment should live and that you trust the run_cli.py code — the skill will execute it and read files it produces (decision.txt, complete_report.md).
2) Ask the publisher or owner for explicit information about authentication: what supplies OPERATOR_ID and any DingTalk credentials? The SKILL.md calls https://api.dingtalk.com directly but lists no required env vars or tokens—do not assume credentials exist.
3) Validate the hard-coded Workspace ID and nodeId: ensure these are intended for your DingTalk workspace and not someone else’s. Hard-coded IDs can cause misdelivery of sensitive reports.
4) Confirm the presence and permission model of the referenced skills ('dingtalk-document' and 'my_stock_report_mgnt_skill'). Understand what credentials they need and who controls those credentials.
5) If you cannot confirm the above, treat the skill as potentially able to leak report contents to an external DingTalk workspace; either request a version that declares required credentials explicitly, or run the analysis and upload steps in an isolated environment under your control.
6) Note: no install-time downloads reduces supply-chain risk, but source is unknown and there is no homepage—exercise extra caution and prefer testing in a sandbox.Like a lobster shell, security has layers — review code before you run it.
latestvk975n2x6648s2s6ev6seaqtgeh83x6ey
License
MIT-0
Free to use, modify, and redistribute. No attribution required.