Skill v1.0.0

ClawScan security

Stock Analysis Framework · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 30, 2026, 2:11 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and documentation match the stated A‑share analysis purpose, but the included scripts read undeclared local portfolio files and rely on an undocumented third‑party dependency (akshare), which raises privacy and supply‑chain concerns.
Guidance
What to consider before installing:
- The skill appears to do what it says (stock analysis, monitoring, briefing), but it will look for and read a holdings file at ~/.investment-portfolio/holdings.jsonl and ~/.investment-portfolio/history.log if present. If you keep sensitive data in those files, review them first or move them.
- The scripts make outbound HTTP requests to public finance APIs (hq.sinajs.cn) and optionally import the akshare Python package. akshare is an undocumented runtime dependency — installing it will pull additional packages and may contact multiple data sources. Only install akshare from a trusted source (PyPI) and review its dependencies.
- There is no install step in the package, so running the Python scripts executes the bundled code directly. If you are cautious, run them in a sandbox/isolated environment (container or VM) or inspect the code yourself (network calls are obvious in the source).
- If you want to use portfolio integration, consider creating the holdings file yourself with minimal data (tickers, shares, buy_price) and avoid storing secrets. Alternatively, run the tools without a portfolio file so they use the default stocks.
- If you need absolute assurance, ask the publisher for provenance (source repository/homepage) or request that the author declare config paths and dependencies in the skill metadata.

Review Dimensions

Purpose & Capability
ok: The name/description (六维股票分析、盯盘、简报; six-dimension stock analysis, market monitoring, briefing) align with the provided scripts (stock_analyze.py, stock_monitor.py, stock_briefing.py) and reference documents. The code implements real‑time quotes, K‑line calculations, fund flow (via akshare), and the briefing/monitoring features described in SKILL.md.
Instruction Scope
concern: Several runtime scripts read user filesystem paths and environment state that were not declared in the skill metadata: stock_briefing.py and stock_monitor.py read ~/.investment-portfolio/holdings.jsonl and history.log (and monitor may fall back to defaults). SKILL.md and the registry metadata list no required config paths. The scripts also perform network requests to public finance endpoints (hq.sinajs.cn) and optionally import akshare to fetch data. Reading a user's holdings file is a privacy‑sensitive action and should have been declared explicitly.
Install Mechanism
note: There is no install spec (instruction‑only + code files), so nothing is written by an installer. However, the code has an optional runtime dependency on akshare (imported in get_fund_flow and get_kline). akshare is not installed by the skill; if a user installs it later, it will pull packages and may contact multiple data sources. Network calls to hq.sinajs.cn are direct and expected for quotes.
Credentials
concern: The skill requests no environment variables or credentials, which is appropriate, but it accesses a user config path (~/.investment-portfolio/holdings.jsonl and history.log) without declaring it. That access is disproportionate unless the user explicitly wants portfolio integration. There are no other declared creds, but the implicit dependence on local portfolio files is a privacy risk.
Persistence & Privilege
ok: "always" is false and the skill does not attempt to modify other skills or system configurations. The scripts only read files and perform network requests; they do not create persistent services or change agent configuration.