Price Api
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may contact external price APIs and read or write local project/cost files during use.
The skill requests broad file and network access, which fits fetching API data and updating/exporting cost files, but could modify local business data if used carelessly.
"permissions": [
"filesystem",
"network"
]Use it only with intended project paths and review any proposed database or file updates before applying them.
If you provide a FRED API key, it may be sent to the FRED API endpoint to retrieve price data.
The sample client can accept a FRED API key and send it as an API parameter. This is purpose-aligned, but it is an optional credential not declared as a primary credential.
def __init__(self, fred_api_key: Optional[str] = None): ... params['api_key'] = self.fred_api_key
Provide only the intended API key, avoid embedding secrets in shared files, and rotate the key if it is exposed.
If you turn the sample into runnable code, you may need to install external Python packages yourself.
The documented Python implementation relies on third-party packages, while the package has no install spec and only declares the python3 binary. This is not automatic execution, but users would need to manage dependency provenance if running the sample code.
import requests import pandas as pd
Install dependencies from trusted sources and prefer pinned versions if converting this instruction-only skill into executable code.