Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stock Tracker Pro
v1.1.0 Stock monitoring skill. Uses Yahoo Finance to fetch stock data. Supports adding stocks to a watchlist, removing stocks, and querying stock information. Trigger scenarios: (1) adding a stock, e.g. "监控 AAPL" ("monitor AAPL"); (2) removing a stock, e.g. "删除 TSLA" ("remove TSLA"); (3) querying a stock, e.g. "查看腾讯股票" ("show Tencent stock") or "AAPL 股价" ("AAPL price").
⭐ 0 · 594 · 2 current · 2 all-time
by Frank Huang @hongbhuang
MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description promise: fetch stock data/news from Yahoo Finance and manage a watchlist — that aligns with the Python code that calls Yahoo endpoints and reads/writes a local stocks.json. However, get_stock_info.py also attempts to run a separate script at a hardcoded path (/home/frank/.openclaw/workspace/skills/openclaw-tavily-search/scripts/tavily_search.py) to gather news. Calling an unrelated local skill's script is not necessary for the stated purpose and is disproportionate; the SKILL.md does not disclose this dependency. The SKILL.md also hardcodes a /home/frank workspace path which may not apply to other environments.
Instruction Scope
SKILL.md instructs running the included scripts (add/remove/list/get). The runtime code matches those commands, but get_stock_info.py will attempt to execute an external local script via subprocess.run (timeout=15) and read its JSON output — behaviour not documented in SKILL.md. This gives the skill the ability to execute arbitrary Python code present elsewhere in the user's workspace, which is outside the skill's documented scope.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded at install time. The package includes Python scripts that will be present on disk when the skill is installed; no external archives or network installs are requested. Note: the scripts use the 'requests' library but the skill does not declare dependencies.
Credentials
No environment variables or credentials are requested (appropriate), but the code accesses a hardcoded filesystem path in the user's workspace and executes another skill's script. That grants it implicit access to other local code and any data those scripts might access. The skill also performs outbound network calls to Yahoo Finance (expected) and expects to call a local 'tavily' script for news (not declared).
Persistence & Privilege
The skill does not request always: true and does not attempt to modify other skills or global agent configuration. It writes a local stocks.json in its own directory (normal for a watchlist). The main concern is execution of another skill's script — not permanent privileged presence.
What to consider before installing
This skill mostly matches its description (fetches Yahoo Finance data and manages a local watchlist), but it also runs a hardcoded local script at /home/frank/.openclaw/workspace/skills/openclaw-tavily-search/scripts/tavily_search.py to collect news. That behavior is not documented in SKILL.md and lets the skill execute arbitrary code present elsewhere in your workspace. Before installing: (1) inspect the included scripts, especially get_stock_info.py and the referenced tavily_search.py if it exists; (2) if you don't trust the owner or that external tavily script, remove or sandbox the subprocess call; (3) be cautious running this on systems with sensitive data — the skill could leverage other workspace scripts to access secrets or network resources; (4) ensure Python dependencies (e.g., requests) are managed in a controlled environment; (5) prefer installing only from a trusted source or ask the publisher to remove the hardcoded cross-skill execution and to document any external dependencies. If you want, I can show the exact lines that call the external script and suggest a safer replacement (e.g., fetch news over HTTPS from a known API).
