Skill v1.0.3
ClawScan security
pywencai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 23, 2026, 10:08 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's purpose (querying iwencai financial data) matches its instructions, but there are multiple inconsistencies in metadata and packaging around how credentials (the iwencai cookie) are declared and used — exercise caution before installing or supplying your cookie.
- Guidance: This skill appears to do what it claims (query iwencai with a browser cookie), but there are several packaging inconsistencies you should resolve before use. Recommendations:
  - Verify the upstream project (https://github.com/zsrl/pywencai) and confirm that the package version you plan to pip install matches the skill bundle.
  - Do not paste your iwencai cookie into public logs or share it; treat it as a secret. Prefer setting it as an environment variable (WENCAI_COOKIE) rather than embedding it in code, if the library supports that.
  - Confirm whether node is actually needed in your environment (installing node enables the library's JS path) and run in an isolated environment (container/VM) if you must supply a real cookie.
  - Ask the publisher to fix the manifest inconsistencies (registry metadata vs metadata.json vs SKILL.md vs demo) and to update demo.py to explicitly show cookie usage so that requirement expectations are clear.
  - If in doubt, create a throwaway iwencai account/cookie when testing, and audit network traffic (e.g., via a proxy) to confirm that requests go only to iwencai endpoints before using any production credentials.
Review Dimensions
- Purpose & Capability (note): The skill's name/description (natural-language queries against 同花顺问财/iwencai) align with the included docs and demo. Requiring python3 and node is plausible (the underlying pywencai library runs JS). Nothing else in the package claims unrelated capabilities.
- Instruction Scope (concern): SKILL.md clearly instructs the user to extract and supply an iwencai Cookie (a sensitive secret) and shows how to pass it to pywencai.get. That is within the tool's stated purpose but is sensitive. There is an inconsistency: demo_project/demo.py calls pywencai.get without passing a cookie, contradicting SKILL.md, which marks the cookie as required. The instructions also suggest passing proxies and retry loops — normal, but potentially able to forward network traffic if misused.
- Install Mechanism (ok): This is an instruction-only skill with no install spec (lowest install risk). It references pip-installing the pywencai package (a normal public package). No download URLs or archive extraction are present in the skill bundle.
- Credentials (concern): The skill requires an iwencai Cookie (a sensitive session credential), which is logically necessary for the described functionality. However, the metadata is inconsistent about environment variables: the top-level registry metadata lists no required env vars, while metadata.json (openclaw.requires.env) lists WENCAI_COOKIE. This mismatch is a packaging/manifest coherence problem that could lead to accidental exposure or confusion about where to place credentials.
- Persistence & Privilege (ok): The skill does not request persistent or elevated platform privileges (always:false). It does not modify other skills or system-wide settings in the provided files.
