Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stocktorch
v1.0.2A股智能分析系统。支持个股综合分析(技术/财务/资金流/新闻融合)和大盘实时分析。
⭐ 0· 126·0 current·0 all-time
byfslong@fslong520
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md describes a full A‑share analysis tool that runs python3 run_skill.py, reads docs/, and writes reports/, yet the skill bundle contains only SKILL.md and no code, docs, or binaries. The declared requirements list no binaries or env vars, but the instructions implicitly require python3 and a browser interface (browser_use). This mismatch is incoherent: either the skill is a thin operator that expects external project files, or it's misleading about providing runnable functionality.
Instruction Scope
Runtime instructions direct the agent to perform web searches (browser_use), extract stock codes, run local commands (python3 run_skill.py ...), read many local documents (docs/*.md, report/读财报.md) and save reports to reports/. Those files are not present in the package; following these instructions could cause the agent to search the user's file system or execute arbitrary local Python scripts if they exist. The instructions also assert timing ('0.5秒获取18年数据') and strict document-read rules which give the agent broad discretion to access system files and browser results beyond the skill's stated scope.
Install Mechanism
There is no install spec (instruction-only). That reduces supply-chain risk because nothing is downloaded or written by an installer. However, the lack of delivered code means the instructions are placeholders that rely on external code being present on the host — a separate risk vector.
Credentials
The skill requests no environment variables or credentials, which is proportionate. But it nevertheless instructs reading and writing local files and executing python3 commands: those behaviors require filesystem and execution privileges that are not declared. The absence of declared env/credentials is not sufficient reassurance because the skill could cause the agent to access local data or invoke local programs.
Persistence & Privilege
always is false and the skill does not request persistent installation. Autonomous invocation is allowed (platform default). That alone is not a red flag, but combined with the instruction to execute local scripts it increases the potential impact if the agent is permitted to run code on the host.
What to consider before installing
This package is just an instruction file (SKILL.md) that describes a full Python-based stock analyzer but does not include any code, docs, or installers. Before installing or enabling it: 1) Ask the publisher for source code or a homepage and verify the run_skill.py and docs referenced in SKILL.md. 2) If you allow the agent to run this skill, restrict its filesystem and execution permissions (run in a sandbox) because the instructions will try to execute python3 scripts and read/write local files if they exist. 3) If you find run_skill.py from an external repo, audit that code before granting the agent permission to execute it. 4) Avoid enabling the skill on systems with sensitive data unless you can confirm exactly which files and network endpoints the skill will access.Like a lobster shell, security has layers — review code before you run it.
a-sharevk97fcdhj1vvfcpj29mtech589n83w2pzanalysisvk97fcdhj1vvfcpj29mtech589n83w2pzchinesevk97fcdhj1vvfcpj29mtech589n83w2pzfinancevk97fcdhj1vvfcpj29mtech589n83w2pzlatestvk97d682cpxewwnw285j11k36ds83zhmmstockvk97fcdhj1vvfcpj29mtech589n83w2pz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.