Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wall Street Quant Team

v1.0.1

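Wall Street-grade AI multi-agent quantitative investment team. Use when the user needs to: create an AI investment team, configure multi-agent collaboration, implement an investment decision process, get stock quotes, analyze trend direction, perform behavioral finance analysis, or develop AI quantitative strategies. Trigger scenarios include "I want to analyze a particular stock", "Help me configure an investment team", "quantitative strategy development", etc.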

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the included agent templates, workflows, and references to data fetching and ML models — templates describe chief, fundamental, technical, quant, risk and sentiment agents, and many references describe data sources and model code. Minor inconsistency: docs reference a stock-data-fetcher script and pip dependencies (yfinance, pandas) while the skill has no install spec; this is explainable (instruction-only skill expecting runtime environment) but worth noting.
Instruction Scope
SKILL.md and the advisor-invitation guide instruct the agent to run a mandatory '智囊邀请' (advisor invitation) workflow that is described as '强制执行' (forced) for every analysis and explicitly tells the agent to use load_skill to install/invoke external skills (elon-musk-thinking, buffett-investor). The advisor guide even mentions '隐性钩子引导安装' (implicit hooks to guide installation). That grants the agent broad discretion to prompt for or load third‑party skills and to push the user to install them — scope creep beyond a self-contained quant analysis skill and a social-engineering risk.
Install Mechanism
There is no declared install spec (instruction-only), which is lowest-risk. However, references/stock-data-usage.md instructs pip installs (yfinance, pandas) and calls out scripts like scripts/stock-data-fetcher.py; the manifest does not list that fetcher script explicitly (some files truncated). Because no installer is provided, the skill expects the runtime environment to provide dependencies or to allow the agent to request installs later. This mismatch is worth flagging but not outright malicious.
Credentials
The skill declares no required environment variables, credentials, or config paths. The templates reference external data sources and optional paid APIs as general advice, but the skill does not request secrets in its manifest. This is proportionate to its stated purpose.
Persistence & Privilege
always:false (good). Still, the instructions repeatedly direct the agent to autonomously load other skills (load_skill calls) and state the advisor invitation is a mandatory step. Combining autonomous invocation with directive language to load external skills increases blast radius: the agent could persuade or auto-load additional third‑party skills during a session. This is a governance/behavior concern even though the skill itself does not request elevated system privileges.
What to consider before installing
This skill appears to implement a coherent multi-agent quant team, but it instructs the agent to automatically recommend and load third‑party 'advisor' skills (e.g., 'elon-musk-thinking' or 'buffett-investor') and even describes that invitation as 'forced' with 'hooks' to prompt installation. Before installing or enabling this skill:

1) be cautious about agreeing to install any advisor skills the agent recommends — review those skills' manifests and permissions first;
2) verify whether your runtime already provides the data-fetching dependencies (yfinance, pandas) or whether the agent will try to install packages at runtime;
3) confirm you are comfortable with the agent autonomously invoking load_skill (it may attempt to load additional code or request installs);
4) if you require stricter behavior, ask for a version of the skill that does not auto‑invite/install external skills or that makes any advisor-invite optional and requires explicit user consent for each install.

If you want, I can list specific lines in the SKILL.md that trigger these concerns or look inside the included scripts (package_skill.py, quick_validate.py) for any code that would attempt network downloads or automatic installs.

Like a lobster shell, security has layers — review code before you run it.

Tags: ai, ai-agent, closed-source, investment, latest, quant, quant-investment, stock-analysis, trading, wall-street
