v1.0.0

Stock Monitor Skill 0.1.0

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:06 AM.

Analysis

The stock monitor largely matches its stated purpose, but package metadata/configuration inconsistencies and a persistent background daemon mean it should be reviewed carefully before installation.

Guidance: Review the package identity mismatch and configuration behavior before installing. Do not start the daemon until you have confirmed which holdings and cost bases it will use, and remember that it will keep running in the background until stopped.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium. Confidence: High. Status: Concern.
_meta.json
"ownerId": "kn70aj13hr3z4fpmfk1y2jmpz181gn2z", "slug": "stock-monitor-skill", "version": "0.1.0"

These internal metadata values differ from the supplied registry metadata, which lists a different owner ID, slug, and version. That weakens provenance and makes it harder to know which package identity/version the user is installing.

User impact: Users may not be able to confidently verify the package origin or version before running code that starts a background process.
Recommendation: Install only after the publisher resolves the metadata mismatch and provides a clear source repository or trusted release provenance.
Human-Agent Trust Exploitation
Severity: Medium. Confidence: High. Status: Concern.
README.md
cp config.example.py config.py
# Edit config.py and fill in your holdings

The documented user-specific configuration file is not included in the provided file manifest, while the code contains a built-in portfolio/watchlist. This makes the setup instructions materially inconsistent with the actual package.

User impact: A user could start the monitor believing it is configured for their own holdings when it may instead use hardcoded example positions and cost bases, producing misleading financial alerts.
Recommendation: Require a real user-created config file before the daemon can start, include config.example.py, and avoid hardcoded personal-looking holdings in executable defaults.
Rogue Agents
Severity: Low. Confidence: High. Status: Note.
scripts/control.sh
nohup python3 "$SCRIPT_DIR/monitor_daemon.py" > "$LOG_DIR/monitor.log" 2>&1 &
echo $! > "$PID_FILE"

The skill can start a long-running background daemon and persist its PID/logs under the user's home directory. This is disclosed and has stop/status commands, but users should notice the persistent behavior.

User impact: The monitor may continue running, making periodic network requests and writing logs until the user stops it.
Recommendation: Start it only when continuous monitoring is desired, and use ./control.sh status and ./control.sh stop to manage it.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low. Confidence: Medium. Status: Note.
scripts/monitor.py
"code": "600362", "name": "江西铜业", "cost": 57.00

The monitoring configuration includes portfolio symbols and cost bases, which are sensitive personal financial context if replaced with the user's real holdings.

User impact: Portfolio holdings and cost bases could be exposed if the skill files or logs are shared, backed up, or reviewed by others.
Recommendation: Keep portfolio configuration private, avoid committing real holdings to shared skill files, and check log contents before sharing logs.