Skill v1.0.0

ClawScan security

股票实时行情分析器(安全版) (Real-time Stock Quote Analyzer, secure edition) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 30, 2026, 7:38 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini

Summary
The skill's code, instructions, and requested runtime behavior are internally consistent with a stock price/fundamentals analyst and report sender; it uses AkShare and JQData for data and SMTP for sending mail, and it does not contain obvious exfiltration or unrelated resource access. Pay attention to how credentials are handled and to a small metadata mismatch.
Guidance
This package appears to implement what it promises (real-time quotes, JoinQuant fundamentals, report generation, and email sending). Before installing or running:
(1) Be prepared to provide sensitive credentials: JQDATA_PHONE/JQDATA_PASSWORD for JoinQuant (optional, only if you need fundamentals) and either QQ_EMAIL_AUTH_CODE or GMAIL_APP_PASSWORD for SMTP. Do not paste these into code or public places; use environment variables or your OS keyring.
(2) Note that the registry metadata does not list those env vars even though the scripts expect them. The omission is informational, not necessarily malicious.
(3) jq_login.py stores only the phone number on disk and sets the password in the running process environment (it does not persist the password), so to persist the login you must export the env vars yourself (or accept session-only behavior).
(4) Inspect and test sending with a throwaway email account first (send_email.py uses the provided email address as the SMTP login and as both recipient and sender, which can be confusing).
(5) Run pip installs in a virtual environment.
(6) If you need higher assurance, review logs and network traffic or run the scripts in an isolated environment. Nothing in the code indicates silent exfiltration, but the scripts will make network requests to AkShare/JQData and SMTP servers as part of normal operation.
Findings
[pre-scan-injection-signals-none] expected: Static pre-scan found no injection signals; consistent with this being a typical local Python tool that uses network libraries and SMTP.

Review Dimensions

Purpose & Capability
Status: ok. Name/description (real-time quotes, fundamentals, report generation, email) matches the included scripts: stock_query.py (AkShare), stock_fundamentals.py and jq_login.py (JQData), generate_report.py (report assembly), send_email.py (SMTP). Required libraries and env vars referenced by the code are appropriate for the stated features.
Instruction Scope
Status: note. SKILL.md instructions confine actions to installing Python deps, running local scripts to query AkShare/JQData, generating reports, and sending mail. The scripts read/write a local report file and a small .jq_config.json (phone number only). Note: jq_login.py claims to place credentials only in environment variables (not on disk); the save_config implementation writes the phone number to disk and injects only the password into the running process's environment, so the password will not persist after the script exits unless the user exports it manually. No instructions attempt to read unrelated system files or send data to third-party endpoints beyond the expected APIs and SMTP servers.
Install Mechanism
Status: ok. No install spec is provided (instruction-only); SKILL.md directs users to pip install the listed requirements, which is proportional. No downloads from arbitrary URLs, no extracted archives, and dependencies are standard Python packages (akshare, jqdatasdk, pandas, requests).
Credentials
Status: concern. The code expects several environment variables at runtime (JQDATA_PHONE, JQDATA_PASSWORD, QQ_EMAIL_AUTH_CODE, GMAIL_APP_PASSWORD), but the skill metadata declares 'Required env vars: none'. This metadata omission can mislead users about credential needs. The requested credentials are proportionate to the functionality (JQData login and SMTP authentication), but users should be aware of them and supply only the credentials for those specific services. Variables named PASSWORD/AUTH_CODE are sensitive and must be handled securely by the user.
Persistence & Privilege
Status: ok. The skill does not request always:true or elevated platform privileges. It creates a small config file (.jq_config.json) that stores only the phone number and sets its file permissions to 600; passwords are not persisted to disk by the provided code. The skill makes network calls to AkShare/JQData and SMTP servers, as expected for its function.