ClawHub

CNInfo Reports

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says—download public CNInfo report PDFs—but users should expect network requests, local file writes, and a small Python dependency install.

This looks safe for its stated purpose. Before installing, use a virtual environment, pass an explicit stock CSV and output/runtime directory, run --dry-run first, and remember that queried stock codes go to CNInfo while downloaded PDFs, logs, manifests, and SQLite state remain on disk.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI02: Tool Misuse and Exploitation
Low
What this means

Running from a broad directory could cause the tool to use the wrong stock-code list.

Why it was flagged

If the configured CSV path is not found, the code searches recursively from the current working directory for a default-named CSV and uses the first match. This is constrained and purpose-aligned, but could pick an unintended file.

Skill content
for path in Path.cwd().rglob("上市公司基础信息.csv"):
            return path
Recommendation

Pass an explicit --stock-csv path and use --dry-run first to verify the intended matches.

#
ASI07: Insecure Inter-Agent Communication
Low
What this means

CNInfo can observe which stock codes are being queried.

Why it was flagged

Stock codes loaded from the local CSV are used as CNInfo search terms. This is expected for the service, but it means the user's selected stock list is sent to CNInfo.

Skill content
"searchkey": keyword,
Recommendation

Only use CSVs whose stock-code contents you are comfortable sending to CNInfo.

#
ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

A future dependency version could be installed instead of the version the author tested.

Why it was flagged

The skill relies on a PyPI dependency with a lower-bound version rather than an exact pin. This is normal for a simple HTTP downloader but is less reproducible than a locked dependency.

Skill content
requests>=2.32.0
Recommendation

Install in a virtual environment and pin or review dependencies if you need stronger reproducibility.

#
ASI10: Rogue Agents
Info
What this means

Progress data, logs, and manifests can remain on disk after a run.

Why it was flagged

The skill creates persistent local runtime state for resume behavior. The persistence is disclosed and reset instructions are provided.

Skill content
The script tracks progress in SQLite and can resume after interruption.
Recommendation

Use a project-specific runtime directory and delete the documented runtime state files if you want to reset or clean up.