Xueqiu Hot Cn
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: xueqiu-hot-cn Version: 1.0.0 The skill bundle is benign. The `scripts/xueqiu_fetch.py` script explicitly uses hardcoded 'mock data' and does not perform any network requests, file system operations, or external command executions. The `SKILL.md` documentation is purely descriptive and contains no prompt injection attempts or instructions for the agent to perform unauthorized actions. The skill's functionality is limited to processing and formatting this internal mock data, posing no security risks.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users could mistake mock stock discussion data for real market sentiment or current investment information.
The implementation explicitly uses simulated, hard-coded posts while the skill description and output present the data as current Xueqiu hot discussions and real-time finance updates.
def get_xueqiu_hot(limit=10):
"""获取雪球热门(模拟数据)"""
mock_posts = [Require the skill to clearly label the data as mock/sample output, or replace it with a transparent, scoped, live Xueqiu data-fetching implementation before relying on it.