Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stock Advisor Pro
v1.0.0 · Your personal AI investment advisor. Provides in-depth, multi-dimensional analysis of individual A-share stocks plus portfolio management.
⭐ 1 · 79 · 0 current · 0 all-time
by daas.ai (@daasai)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name and description (A-share deep analysis + portfolio management) match the included scripts: scan.py calls a cloud API and portfolio.py reads and writes local data. However, the registry metadata states that no environment variables or credentials are required, while SKILL.md and the scripts rely on STOCK_ADVISOR_API_URL and STOCK_ADVISOR_API_KEY. This inconsistency should be resolved before the skill is trusted.
Instruction Scope
SKILL.md instructs the agent to run the included scripts (expected). It claims that 'all portfolio and alert data are stored locally', which is true for the portfolio operations, but scan.py makes network calls to the configured cloud backend (symbol queries via /api/scan). The code does not exfiltrate portfolio data, but the privacy claim is misleading because every scan request, including the symbol being queried, goes to an external service. The README also suggests a remote install via curl | sh (astral.sh), which broadens the runtime scope and risk.
Install Mechanism
There is no formal install spec in the registry (lowest risk), but the README recommends installing 'uv' via curl -LsSf https://astral.sh/uv/install.sh | sh. That is a remote install script from a third-party domain, and whatever it contains at fetch time runs with your user's privileges; executing it without first downloading and reading it is risky. The package files themselves are plain Python scripts (no packaged binary downloads).
Credentials
The code and SKILL.md legitimately use two env vars (STOCK_ADVISOR_API_URL, STOCK_ADVISOR_API_KEY) to contact a cloud backend, which is proportional to the cloud-scan function. However, the registry metadata claims no required env vars or primary credential, which is inconsistent. The default API key in config.py ('demo-key-123456') and the default base URL (https://api.daas.ai) mean the skill runs without you supplying any secrets, but it will contact that default service with the bundled key unless you override the URL.
Persistence & Privilege
The skill does not request always:true and will not be force-included. It writes only its own local portfolio.json via LocalStore; it does not modify other skills or system-wide settings. Autonomous invocation is enabled (the default) but is not combined with other high-risk requests.
What to consider before installing
Before installing or running:
1. Resolve the metadata mismatch. SKILL.md and the scripts expect STOCK_ADVISOR_API_URL and STOCK_ADVISOR_API_KEY even though the registry metadata lists none.
2. Verify and trust the backend. By default the skill contacts https://api.daas.ai (or whatever URL you set). If you do not trust that service, run your own backend and set STOCK_ADVISOR_API_URL to http://localhost:8000.
3. Inspect any remote install script before running it. The README recommends curl | sh from astral.sh to install 'uv'; download the script to a file, read it, and only then execute it.
4. The portfolio data is stored locally in data/portfolio.json, but the sample file contains a user path; replace or remove the sample data.
5. If you need strong privacy, run the skill in a sandboxed environment and/or host the API backend yourself so that scans never reach an external server.
Like a lobster shell, security has layers: review code before you run it.
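The checks in the Install Mechanism section and in the checklist above can be repeated on the unzipped package before anything runs. The script below is an added example, not the skill's own code and not ClawHub's scanner: it lists the environment variables the scripts read and their bundled defaults, the external hosts hard-coded anywhere in the package, any README command that pipes a downloaded script into a shell, and which backend the skill would actually contact in your current environment. The file contents in SAMPLE_FILES are constructed to match what the scan reports (the real config.py, scan.py and README.md may differ in detail), and the registry is assumed to declare no env vars; point audit() at the real files from the zip.

```python
"""Pre-install audit for a downloaded skill package (added example).

Not the skill's own code and not ClawHub's scanner. The sample files are
constructed stand-ins for the package; run audit() on the real files.
"""
import os
import re
from urllib.parse import urlparse

# Constructed stand-ins for files in the package (assumption: the real
# config.py / scan.py / README.md may differ in detail).
SAMPLE_FILES = {
    "config.py": (
        "import os\n"
        'API_URL = os.environ.get("STOCK_ADVISOR_API_URL", "https://api.daas.ai")\n'
        'API_KEY = os.environ.get("STOCK_ADVISOR_API_KEY", "demo-key-123456")\n'
    ),
    "scan.py": (
        "import requests\n"
        "from config import API_URL, API_KEY\n"
        "def scan(symbol):\n"
        '    r = requests.get(f"{API_URL}/api/scan", params={"symbol": symbol},\n'
        '                     headers={"Authorization": API_KEY})\n'
        "    return r.json()\n"
    ),
    "README.md": "## Install\ncurl -LsSf https://astral.sh/uv/install.sh | sh\n",
}
# What the registry metadata declares as required env vars (the scan says: none).
DECLARED_ENV = set()

ENV_RE = re.compile(
    r'os\.(?:environ\.get|getenv)\(\s*["\']([A-Z0-9_]+)["\']'
    r'\s*(?:,\s*["\']([^"\']*)["\'])?'
)
URL_RE = re.compile(r'https?://[^\s"\'<>)]+')
PIPE_RE = re.compile(r'\b(?:curl|wget)\b[^\n|]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b')
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}


def env_vars(files):
    """Env var name -> default literal (None if the code has no fallback)."""
    found = {}
    for src in files.values():
        for name, default in ENV_RE.findall(src):
            found[name] = default or None
    return found


def external_hosts(files):
    """Every host hard-coded anywhere in the package, docs included."""
    return sorted({urlparse(u).hostname for src in files.values()
                   for u in URL_RE.findall(src)})


def piped_installers(files):
    """(file, command) pairs that pipe a downloaded script straight into a shell."""
    return [(name, m.group(0)) for name, src in files.items()
            for m in PIPE_RE.finditer(src)]


def effective_backend(files, environ):
    """Resolve the backend the way config.py does: environment first, then default."""
    defaults = env_vars(files)
    url = environ.get("STOCK_ADVISOR_API_URL", defaults.get("STOCK_ADVISOR_API_URL"))
    host = urlparse(url).hostname if url else None
    return {
        "host": host,
        "local_only": host in LOCAL_HOSTS,
        "default_url": "STOCK_ADVISOR_API_URL" not in environ,
        "default_key": "STOCK_ADVISOR_API_KEY" not in environ,
    }


def audit(files, environ, declared_env=DECLARED_ENV):
    """Return the findings a reviewer should resolve before installing."""
    findings = []
    ev = env_vars(files)
    undeclared = sorted(set(ev) - set(declared_env))
    if undeclared:
        findings.append(f"metadata mismatch: code reads undeclared env vars {undeclared}")
    for name, default in ev.items():
        if default:
            findings.append(f"{name} falls back to bundled default {default!r}")
    be = effective_backend(files, environ)
    if be["host"] and not be["local_only"]:
        how = "bundled default URL" if be["default_url"] else "STOCK_ADVISOR_API_URL"
        findings.append(f"scans will leave this machine for {be['host']} ({how})")
    for fname, cmd in piped_installers(files):
        findings.append(f"{fname} pipes a remote installer into a shell: {cmd}")
    return findings


if __name__ == "__main__":
    print("hosts referenced:", external_hosts(SAMPLE_FILES))
    for line in audit(SAMPLE_FILES, os.environ):
        print("-", line)
```

With an empty environment the audit reports the metadata mismatch, both bundled defaults, the outbound scan traffic to api.daas.ai and the curl | sh line in the README; with STOCK_ADVISOR_API_URL pointed at http://localhost:8000 the outbound-traffic finding disappears, which is the state you want before enabling autonomous invocation. The regexes only catch the os.environ.get / os.getenv idiom and literal URLs, so treat a clean result as a starting point for reading the code, not a substitute for it.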
latest · vk978tmg1cy4sxfp8tzzqsww4kd83vkd9
