funds-agent
Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its fund-reporting purpose, but it contains hardcoded Telegram credentials and a fixed chat ID that could send reports to someone else unless changed.
Do not run or schedule this skill as-is. First remove the embedded Telegram token and chat ID, revoke the exposed bot token if you control it, configure your own recipient safely, and inspect or replace the hardcoded news-market helper path. If you already enabled the scheduled task, disable it until these settings are corrected.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run as provided, the Telegram portion may use someone else's bot and send the user's fund report to the hardcoded chat ID.
The source embeds a Telegram bot credential and a fixed recipient identified as Joshua, while the skill metadata declares no primary credential and the docs imply users should provide their own Telegram settings.
TELEGRAM_BOT_TOKEN = "8599058765:AAH_4PW..."; TELEGRAM_CHAT_ID = "7333732220" # Joshua's chat ID
Remove the hardcoded token and chat ID, revoke the exposed bot token, and require the user to provide Telegram credentials through environment variables or a local private config file before sending.
Configured fund codes, fund performance, and generated report content could be transmitted to a Telegram destination the user did not intend.
The generated report text is sent to Telegram. Because the default bot token and chat ID are hardcoded elsewhere in the same file, the outbound data boundary is not clearly user-controlled.
url = f"https://api.telegram.org/bot{bot_token}/sendMessage"; data = {"chat_id": chat_id, "text": message, "parse_mode": "Markdown"}; response = requests.post(url, json=data, timeout=30)
Make Telegram sending opt-in, show the resolved recipient before sending, and fail closed unless user-owned Telegram credentials are configured.
If that path exists on the host, report generation may execute unreviewed or unexpected local code; on other systems it may fail or behave unpredictably.
The skill executes a helper script from a hardcoded external skill path that is not part of the provided manifest or dependency list.
script_path = r"C:\Users\ZhuanZ\.openclaw\workspace\skills\news-market\scripts\news_market.py"; subprocess.run(['python', script_path, 'category', '--cat', 'securities', '--limit', str(limit)], ...)
Declare the news-market dependency explicitly, avoid author-specific absolute paths, and either include the reviewed helper code or call a documented API with clear permissions.
Once scheduled, the script will keep running daily until the user removes the scheduled task or cron entry.
The skill documents creating a recurring scheduled task. This is expected for a daily report skill, but it creates ongoing automated behavior after setup.
Runs automatically every day at 4:00 PM by default ... schtasks /Create /TN "基金日报" ... 0 16 * * * python /path/to/fund_daily.py
Only create the schedule after verifying credentials, output paths, and recipients; document how to disable the scheduled task.
