Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Quant Stock Picker Pro
v1.0.0 · AI-powered stock screening tool for Chinese A-shares. Daily picks using multi-factor analysis (fundamentals + technical + sentiment). Use when user asks abou...
⭐ 0 · 417 · 4 current · 4 all-time
by @eric961
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description (A‑share multi‑factor screener) align with the code: scripts fetch market data, compute factors, and produce recommendations. However SKILL.md references config/scripts (e.g., scripts/config.py, risk_backtest.py, market_executor.py) that are not present in the manifest — this mismatch suggests incomplete packaging or sloppy docs. Overall capability is reasonable for the stated purpose, but missing files and unrealistic model metrics (F1 0.54%) are odd.
Instruction Scope
Runtime instructions and code perform wide network scraping (Sina, EastMoney, AkShare, web scraping of '股吧') and call external APIs. The SKILL.md instructs adding a cron job and pip installing dependencies — normal — but the actual scripts manipulate environment proxies (clearing HTTP_PROXY/HTTPS_PROXY and setting NO_PROXY='*') and the main script inserts a hardcoded absolute path (/Users/liangjiahao/.openclaw/workspace/scripts) into sys.path before importing modules. Those actions go beyond straightforward data collection and could be used to bypass network controls or import local/hidden code.
Install Mechanism
No formal install spec in registry (instruction‑only); SKILL.md recommends pip installing common data science and data packages (pandas, xgboost, akshare, efinance). This is expected for a Python quant tool. Because installation is manual (pip), risk is moderate — user must vet packages before pip install. No downloads from unknown URLs were observed.
Credentials
The skill declares no required environment variables or credentials, which is reasonable. But the code forcibly clears proxy environment variables (HTTP_PROXY, HTTPS_PROXY) and sets NO_PROXY='*' at runtime — this is disproportionate and suspicious because it alters agent/network behavior without a clear, legitimate reason. The script also inserts a hardcoded user path into sys.path which could cause imports to load arbitrary modules from the user's filesystem.
Persistence & Privilege
The skill does not request always:true and does not declare modifications to other skills or system configs. It asks users to add a cron job via an openclaw command in SKILL.md, which is a normal scheduling step but requires user action. Autonomous invocation is allowed (platform default) but not by itself a concern here.
What to consider before installing
This skill appears to implement the described stock‑screening features, but there are several red flags you should consider before installing or running it:
1) The main script injects a hardcoded user path (/Users/…/workspace/scripts) into Python's import path — this can cause the skill to import arbitrary local code on your machine;
2) It clears HTTP_PROXY/HTTPS_PROXY and sets NO_PROXY='*', which can bypass proxy/monitoring setups and is unnecessary for normal operation;
3) It imports or references an anti‑scraping library (Scrapling / StealthyFetcher), indicating aggressive scraping behavior;
4) SKILL.md mentions config files and other scripts that are not present in the package (e.g., scripts/config.py, market_executor.py), suggesting the package may be incomplete or inconsistent.
Recommendations: only run this in an isolated environment (sandbox / VM), inspect and remove the sys.path insertion and proxy overrides before use, avoid running pip installs from unknown sources without reviewing packages, and confirm the skill's author/origin. If you plan to use it with real accounts or sensitive network environments, do not install until these issues are resolved.
latest · vk97enmxh1sh8p1g9bgy9ev2j0x829j6c
