Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Mx Selfselect
v1.0.0 Miaoxiang (妙想) self-select (watchlist) management skill, built on EastMoney (东方财富) passport account data and underlying market-quote data; supports querying, adding and deleting self-selected stocks through natural language.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name, description, SKILL.md, and the Python code are coherent: they call EastMoney API endpoints (mkapi2.dfcfs.com) to query/add/delete self-selected stocks. Nothing in the code requests unrelated cloud credentials or unrelated system access. However the registry metadata lists no required env vars while both SKILL.md and the code require an API key (MX_APIKEY), so the declared requirements are incomplete.
Instruction Scope
Runtime instructions are narrowly scoped to calling the specified EastMoney endpoints and saving CSV/JSON under /root/.openclaw/workspace/mx_data/output/. The code only reads MX_APIKEY (and will try to read a .env file two directories up if the env var is not set). SKILL.md's security note refers to EASTMONEY_APIKEY (a different variable name), an inconsistency that could cause confusion or misconfiguration. The .env lookup means the skill may read a repository-level .env file; it only extracts MX_APIKEY, but users should be aware of that behavior.
Install Mechanism
The skill is instruction-only (no install spec) but includes a scripts/requirements.txt that declares requests>=2.31.0. There is no declared install step to ensure dependencies are present; this mismatch can cause runtime failures or unexpected behavior when the environment lacks the dependency. There are no network downloads or other high-risk install actions in the package itself.
Credentials
The code only needs a single API key (MX_APIKEY) which is proportional to the stated function. But the registry metadata does not declare this required env var, and SKILL.md inconsistently references EASTMONEY_APIKEY in one place. The script writes files to /root/.openclaw/workspace/mx_data/output/, so it requires write access to that workspace path. The .env file lookup could read other files at repo root, though it only extracts the MX_APIKEY entry.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide configurations, and only writes outputs to its own workspace directory. Autonomous invocation (disable-model-invocation=false) is the platform default and not itself a concern here.
What to consider before installing
This skill appears to implement the stated EastMoney self-select functionality, but take these precautions before installing or running it:
- Verify and supply the correct API key: the code expects MX_APIKEY (SKILL.md contains a typo referring to EASTMONEY_APIKEY). Do not put other unrelated secrets in .env unless you intend them to be readable.
- The script will attempt to read a .env file at the repository root if MX_APIKEY is not in the environment; inspect that file before running to ensure it contains only intended values (it may expose other secrets if present).
- The script will make network requests to https://mkapi2.dfcfs.com with your API key in the request headers — only run it if you trust that endpoint and the source of the skill (the package has no homepage and unknown source).
- There is a requirements.txt (requests) but no install spec. Ensure your runtime provides the requests package, or install it in an isolated environment (virtualenv/container) to avoid dependency surprises.
- Run the skill in an isolated environment (container or restricted VM) first, and review logs and the created files under /root/.openclaw/workspace/mx_data/output/ to confirm behavior.
- Ask the publisher to: (1) fix the env var name inconsistency in SKILL.md, (2) declare the required env var in registry metadata, and (3) add an install step or note about dependencies.
Given the inconsistencies and unknown source, avoid supplying high-privilege or reused credentials until you're comfortable with the code and its origin.
