Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
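A-share pre-market, intraday and post-market analysis / china-stocks-daily-review
v1.0.0
A-share market analysis Skill that supports generating three kinds of report: pre-market overview, intraday market commentary, and post-market review report. [Trigger phrases] pre-open analysis, pre-market overview, early-session forecast, what to watch today, intraday anomalies, midday review, closing review, how is the market today, market sentiment, sector rotation, where is the main theme, today's main theme, consecutive limit-up ladder, limit-up analysis, northbound funds, southbound funds, capital flows, turnover, full-day market, A-shares today...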
by@kooui
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to produce pre-/intraday/post-market A‑share reports and documents a 3-tier data fallback (Tushare Pro → AKShare → web search). Requiring a local Tushare token file (~/.tushare_token) and calling Tushare/AKShare/search engines is coherent with that purpose. However the README also claims '自动推送默认开启' (daily auto-push to WeChat/WhatsApp/etc.) without declaring any messaging credentials, config paths, or an install/scheduling mechanism — this claim is not supported by the rest of the package.
Instruction Scope
SKILL.md instructs the agent to read/write a token at ~/.tushare_token, validate connectivity to api.tushare.pro, call Tushare, fall back to AKShare, and finally use search-engine scraping as a last resort. These instructions stay within the stated data-gathering/reporting scope. The only scope creep is the implied outbound delivery: the README says reports will be pushed to user 'bound' messaging channels, but the instructions do not show how channels are discovered/authorized or how the push is performed.
Install Mechanism
This is instruction-only (no install spec, no code files executed by the platform). Dependencies (Python, akshare, optional tushare/baostock) are documented but there is no packaged installer; that is consistent with an instruction-only skill and is low-risk from an install-mechanism perspective.
Credentials
The skill requests no environment variables or external credentials in the registry metadata, but the runtime instructions expect a user-managed Tushare token stored at ~/.tushare_token. Asking for a token stored locally is proportionate to the stated purpose. However the skill claims integration with messaging channels (WeChat/WhatsApp) and automatic pushes without declaring what credentials or platform bindings are required — this is an unexplained privilege/side-channel.
Persistence & Privilege
The README states '安装本 Skill 后,每日自动推送默认开启' (daily auto-push enabled by default) and lists scheduled times. The registry flags show always:false and no install hooks; there is no code or config in the package that implements scheduling. This is an inconsistency: the skill implies it will schedule autonomous pushes and deliver to external messaging endpoints, but provides no mechanism or declared permissions for doing so. That gap could lead to unexpected automated messages or require platform-level automation that the user has not explicitly authorized.
What to consider before installing
What to check before installing:
- Clarify auto-push behavior: ask the publisher how scheduled pushes are implemented and whether the platform will enable those schedules automatically. Don't assume the skill can schedule or send messages without explicit platform authorization.
- Ask what messaging credentials (WeChat/WhatsApp) are required and where they must be stored; the skill does not declare or request those credentials, yet claims it will push to those channels.
- Understand token storage: the skill asks you to save your Tushare token in ~/.tushare_token (plain text). If you provide a token, confirm you are comfortable with local plaintext storage, and prefer a limited-scope API token if possible.
- Disable or pause automatic pushes until you confirm delivery targets and content: if the platform supports task automation, ensure you explicitly opt-in and can review scheduled tasks.
- If you need higher assurance, request implementation details or source for the push/scheduler logic, or prefer using the skill only on-demand (invoke it manually) rather than allowing autonomous scheduled pushes.
Reason for suspicion: the skill's core data collection is coherent, but the automatic push/scheduling and external delivery claims are underspecified and not reflected in the package metadata or instructions, which could result in unexpected outbound messages or unclear credential usage.
