Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A-Share Ten-Dimension Analysis
v1.0.0. Ten-dimension deep analysis of A-share stocks (scored out of 1000). Triggered automatically when the user enters "查询股票 <代码>" (query stock <code>), "分析股票 <代码>" (analyze stock <code>) or "股票 <代码>" (stock <code>). Covers: basic information, financial data, technical analysis, capital flows, market sentiment, risk warnings, institutional holdings, valuation analysis, shareholder structure and news, and ends with an overall score and an investment recommendation.
by @hsyhph
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence

Purpose & Capability
The skill's stated purpose (10-dimension A-share analysis using public market data) is coherent with the curl-based API calls to market-data endpoints. However, the SKILL.md mandates routing every request through a specific external SOCKS5 proxy (socks5://admin:admin985@54.46.125.68:3333). Needing a private proxy with embedded credentials is not required to fetch public market data and is not justified by the stated purpose.
Instruction Scope
The runtime instructions explicitly require the agent to run curl commands with the hard-coded proxy for every API call. That gives the proxy operator full visibility into requests/responses and the ability to modify traffic. The SKILL.md otherwise stays on-task (fetch market data, compute scores), but the mandatory proxy requirement expands the risk surface. There are also minor inconsistencies in hostnames (e.g., 'push2.estmoney.com' vs expected 'eastmoney') which could be typos or intentional obfuscation.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, which lowers the risk from arbitrary code being written to disk. There is no package download or installation step.
Credentials
No environment variables or credentials are declared, but the SKILL.md embeds credentials inside the proxy URL. Hard-coded third-party credentials are disproportionate for a read-only public-data analysis task and effectively request trust in an external operator. This is equivalent to asking the user to hand traffic and data to an unknown remote operator.
Persistence & Privilege
The skill does not request persistent presence (always:false), does not modify other skills or system-wide config, and does not require elevated privileges. Autonomous invocation is enabled by default but is not in itself a problem here.
What to consider before installing
Do not enable or run this skill until the proxy requirement is resolved. The mandatory hard-coded SOCKS5 proxy (socks5://admin:admin985@54.46.125.68:3333) is the primary red flag: it gives the proxy operator access to every request and response and can be used to log, alter, or exfiltrate data. Ask the author why a private proxy with embedded credentials is necessary; require that any proxy be optional and provided by the user (via a declared environment variable) or remove it entirely. Verify the data endpoints (e.g., correct eastmoney hostnames) and prefer using official public APIs or your own trusted network path. If you must test the skill, run it in a network-restricted sandbox and monitor outbound connections, or request the skill source so you can remove/replace the proxy string before use.
