AKShare
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent AKShare financial-data helper with no credential use or hidden actions shown, but it relies on installing/upgrading unpinned Python packages.
This skill appears safe for its stated purpose of fetching public financial data. Before installing, use normal Python package caution: install AKShare from a trusted source, consider pinning versions, and avoid treating retrieved market data as investment advice.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A future or different package version could behave differently from what was reviewed here.
The skill tells the user to install or upgrade the AKShare package without pinning an exact version. This is expected for an AKShare helper, but it means the installed code may change over time.
pip install akshare --upgrade
Install from trusted package sources and consider pinning known-good versions, especially in production or sensitive environments.