Equal Data - China A Share Stock Data Service Skill
Security checks across malware telemetry and agentic risk
Overview
This appears to be a legitimate read-only financial data skill, but it asks you to install an external Python package and provide an Equal Data API key.
Before installing, verify the equal-data PyPI package and repository, install it in an isolated virtual environment, and configure only the Equal Data API key you intend this skill to use. The visible artifacts describe read-only financial data queries rather than trading or account mutation.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the dependency can run third-party Python package code on the user's machine.
The skill depends on a pinned external PyPI package whose code is not included in the skill artifacts; this is expected for the integration but should be verified before installation.
install_required: true install_command: pip install 'equal-data==0.0.12'
Install in a virtual environment, verify the PyPI package and repository provenance, and avoid untrusted package indexes.
Anyone or any agent with the configured key may be able to use the Equal Data service under the user's account limits.
The skill requires a service credential to query Equal Data. This is purpose-aligned for the data provider, but it gives the skill access to that API account or quota.
本 Skill 需要equaldata API_KEY (`EQUAL_DATA_API_KEY`)
Use a revocable or least-privilege API key if available, store it only in trusted configuration, and do not paste it into chat or shared files.