Skill v1.0.0

ClawScan security

fund-screening · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Apr 14, 2026, 2:08 AM)
Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requirements and instructions are coherent with a fund-screening/data-analysis workflow; it reads local screening files and fetches public fund data, and it does not ask for unrelated credentials or perform suspicious actions.
Guidance
This skill appears to do exactly what it says: screen funds using public data sources, analyze them, run backtests, and save results to the listed workspace files. Before installing or enabling it, consider: (1) Are you comfortable with the agent reading and writing the specific workspace files listed (实战/基金/结果/*.xlsx)? If not, move or protect those files. (2) The SKILL.md expects the agent to run Python with openpyxl/pandas via a 'uv' runner and to call other skills for web scraping; ensure those runtimes/skills are available and trusted. (3) The skill fetches data from public websites (eastmoney, morningstar, howbuy); scraping those sites may have legal/ToS implications, and the scraping could break if site structure changes. (4) The skill includes clear disclaimers about not being investment advice, but you should still treat recommendations as informational only. If you want to reduce risk, disable autonomous invocation for the agent or limit its file access and network capabilities.

Review Dimensions

Purpose & Capability
note: The name/description (fund screening, DCA execution, portfolio construction) matches the runtime instructions: web queries to fund sites, multi-step screening, local XLSX read/write and backtests. Minor mismatch: the SKILL.md tells the agent to run commands like `uv run --with openpyxl python3` and to rely on other skills (tavily-search/tavily-extract/agent-browser) but the skill metadata does not declare required binaries or explicit dependencies for running Python/openpyxl/pandas or the 'uv' runner. This is a usability/declared-dependency gap rather than evidence of malicious intent.
Instruction Scope
note: Instructions stay within the stated scope (initial screening, precision filtering, five-dimension analysis, backtests, saving results). The skill explicitly reads and writes workspace files (listed XLSX paths) — which is expected for a screening skill but is something the user should be aware of. It instructs the agent to fetch real-time data from public fund websites via other skills, which is coherent but increases runtime dependencies and surface area.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files included. This lowers installation risk because nothing is downloaded or executed during install.
Credentials
ok: The skill requests no credentials, no environment variables, and no config paths. Its external data access is limited to public fund websites (eastmoney, morningstar, howbuy) via other agent skills — proportional for the stated purpose.
Persistence & Privilege
ok: `always` is false and the skill is user-invocable (normal). It does not request permanent presence or system-wide configuration changes.