ClawScan security
Investment Data 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 5, 2026, 5:23 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill generally matches its stated purpose (downloading and querying A‑share datasets), but it contains several inconsistencies (declared binaries that the code does not use, undeclared environment variables, a package list that differs from requirements.txt, and an unclear source/homepage) that warrant caution before installing or running it.
- Guidance: This skill appears to implement the advertised dataset/downloader functionality, but several mismatches and missing declarations mean you should be careful:
  1. Verify the source repository and release assets: the package references multiple GitHub URLs, and the README gives a different clone URL.
  2. Inspect any tar.gz downloaded from GitHub before extracting it (list the members and reject absolute paths, ".." components and symlinks that point outside the data directory), and do the first run in an isolated environment or container.
  3. The skill may use an optional TUSHARE_TOKEN. Supply a token only if you intend the skill to make API calls with it, and revoke or rotate it when you stop using the skill.
  4. The SKILL metadata lists wget/tar as required binaries, but the code uses Python requests/tarfile; make sure your environment has the expected Python setup and review requirements.txt for the additional dependencies (pyyaml, openpyxl).
  5. If you plan to enable automated updates (cron), confirm the update/download behavior and where data is stored (~/.qlib/qlib_data/cn_data) so it does not overwrite files you care about.
  If you want greater assurance, ask the author for the canonical source repo, a verified release URL and a signed release, or run the skill in a sandbox first.
Review Dimensions
- Purpose & Capability (concern): Name/description, scripts and APIs all align with an investment-data skill, but the required binaries declared in the SKILL metadata (wget, tar) differ from what the code actually uses (Python requests and tarfile). Several README links point to different GitHub repos (chenditc vs StanleyChanH), so the source attribution is incoherent.
- Instruction Scope (concern): Runtime instructions tell the agent to download releases from GitHub and to run local scripts (download_data.py, query.py). The SKILL.md and scripts reference optional environment variables (INVESTMENT_DATA_DIR, TUSHARE_TOKEN) and external endpoints (GitHub, DoltHub), none of which the SKILL metadata declares. The download script constructs a GitHub releases URL and extracts the archive into the user's data directory, so users should validate the tar contents before trusting them.
- Install Mechanism (note): There is no registry-level install spec, but SKILL.md includes a pip install step for dependencies. The SKILL.md pip list (pandas, numpy, requests) is shorter than requirements.txt, which also lists pyyaml and openpyxl. The download mechanism fetches artifacts from GitHub releases, a common pattern; no downloads from arbitrary IPs or paste sites were observed.
- Credentials (concern): The skill declares no required environment variables, but the documentation and code reference INVESTMENT_DATA_DIR and an optional TUSHARE_TOKEN (a sensitive API token). Because TUSHARE_TOKEN is not declared as a credential, users could supply a token without realizing the skill will use it for network calls.
- Persistence & Privilege (ok): The always flag is false and the skill does not request persistent platform-wide privileges. It writes data under a user data directory (~/.qlib/...) and logs to a local file, which is expected for a dataset tool and scoped to its own files.
