A-share / Hong Kong / US stock data query
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: akshare-api
Version: 1.0.1
The skill contains a 'portfolio management' feature that SKILL.md explicitly discourages but main.py and router.py fully implement. That feature uses subprocess.run in main.py to execute an external script (portfolio.py) located outside the skill's bundle directory (../a-stock-analysis/scripts/), which is a security risk: the skill executes unreviewed files from the parent environment rather than from its own bundle. Additionally, every user query is sent to a third-party hosted service (https://akshare.devtool.uk); this is disclosed and needed for the stated purpose, but it is still a privacy risk.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A portfolio-related query could cause the agent to run unreviewed local code and potentially read or change local holding records.
The skill can execute a Python script outside the supplied skill files for portfolio operations. That script is not in the manifest, and this behavior is outside the stated stock-data lookup purpose.
portfolio_script = os.path.join(os.path.dirname(__file__), "..", "a-stock-analysis", "scripts", "portfolio.py") ... subprocess.run(["python3", portfolio_script, "remove", code_match.group(1)], ...)
Remove the portfolio branch, include and review the helper script, or require a separate explicit opt-in skill with clear user confirmation before any local portfolio operation.
A user or agent might unintentionally trigger local portfolio handling through ordinary holdings-related wording.
Portfolio wording is automatically classified into the PORTFOLIO handler even though SKILL.md says not to use the skill for local holdings management.
if any(k in query for k in ["持仓", "仓位", "我的股票"]):
    return PORTFOLIO
Disable this route for this skill, or make portfolio management a clearly documented, separately invoked capability with confirmation and bounded file access.
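The two findings above recommend the same pair of controls: holdings wording should not reach the local portfolio handler without an explicit opt-in, and any helper script the skill executes should resolve inside its own bundle and appear in the manifest. The block below is an added example of how those controls can be written, not code from the akshare-api skill. The handler name MARKET_DATA, the functions classify, resolve_bundled_script, run_portfolio_op and make_demo_bundle, the manifest contents and the stub portfolio.py it writes into a temporary directory are all assumptions made for the example; only the PORTFOLIO handler name, the keyword list and the traversal path come from the findings.

```python
import subprocess
import sys
import tempfile
from pathlib import Path

# PORTFOLIO and the keyword list are quoted from the finding; MARKET_DATA is a
# hypothetical name for the skill's ordinary lookup path.
MARKET_DATA = "MARKET_DATA"
PORTFOLIO = "PORTFOLIO"
PORTFOLIO_KEYWORDS = ("持仓", "仓位", "我的股票")


def classify(query: str, portfolio_opt_in: bool = False) -> str:
    """Route a query to a handler.

    Holdings wording reaches PORTFOLIO only when the caller has explicitly
    opted in (for example after user confirmation); otherwise it falls
    through to the market-data path, which is the skill's stated purpose.
    """
    if portfolio_opt_in and any(k in query for k in PORTFOLIO_KEYWORDS):
        return PORTFOLIO
    return MARKET_DATA


def resolve_bundled_script(bundle_dir: Path, relative: str, manifest: set) -> Path:
    """Return the absolute path of a helper script, or raise.

    The script must resolve to a location inside bundle_dir (so "../" cannot
    reach the parent environment) and must be listed in the manifest (so only
    reviewed, shipped files can be executed).
    """
    root = bundle_dir.resolve()
    candidate = (root / relative).resolve()
    try:
        rel = candidate.relative_to(root)
    except ValueError:
        raise PermissionError(f"{relative!r} resolves outside the skill bundle")
    if rel.as_posix() not in manifest:
        raise PermissionError(f"{rel.as_posix()!r} is not in the skill manifest")
    if not candidate.is_file():
        raise FileNotFoundError(candidate)
    return candidate


def run_portfolio_op(bundle_dir: Path, manifest: set, op: str, code: str) -> str:
    """Run the bundled portfolio helper with a fixed argv (no shell, no
    caller-controlled script path) and return its stdout."""
    script = resolve_bundled_script(bundle_dir, "scripts/portfolio.py", manifest)
    result = subprocess.run(
        [sys.executable, str(script), op, code],
        capture_output=True, text=True, check=True, timeout=30,
    )
    return result.stdout.strip()


def make_demo_bundle() -> tuple:
    """Build a throwaway skill bundle containing a stub portfolio.py that
    echoes its arguments. Constructed for this example only."""
    bundle = Path(tempfile.mkdtemp(prefix="skill-bundle-"))
    (bundle / "scripts").mkdir()
    (bundle / "scripts" / "portfolio.py").write_text(
        "import sys\nprint('portfolio', *sys.argv[1:])\n", encoding="utf-8"
    )
    manifest = {"SKILL.md", "main.py", "router.py", "scripts/portfolio.py"}
    return bundle, manifest


if __name__ == "__main__":
    bundle, manifest = make_demo_bundle()
    # Ordinary holdings wording no longer reaches the local handler by itself.
    print(classify("我的股票有哪些"))                         # MARKET_DATA
    print(classify("我的股票有哪些", portfolio_opt_in=True))  # PORTFOLIO
    # The traversal path from the finding is refused before anything runs.
    try:
        resolve_bundled_script(bundle, "../a-stock-analysis/scripts/portfolio.py", manifest)
    except PermissionError as exc:
        print("refused:", exc)
    # The in-bundle, manifest-listed script runs with a fixed argv
    # ("000001" is a constructed sample code).
    print(run_portfolio_op(bundle, manifest, "remove", "000001"))  # portfolio remove 000001
```

The containment check resolves both the bundle root and the candidate before comparing them, so symlinks and `..` segments cannot be used to step outside the bundle; the manifest check then limits execution to files that were actually shipped and reviewed with the skill.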
Stock questions, symbols, and any personal details included in the query may be transmitted to the hosted service.
The skill sends the user’s natural-language stock query and parsed fields to a hosted service. This is disclosed and central to the skill, but it is still an external data flow.
DEFAULT_SERVICE_URL = "https://akshare.devtool.uk" ... payload = {"intent": intent_obj.intent, "query": intent_obj.query or "", "symbol": intent_obj.symbol, ...}
Use the skill for market-data questions only, avoid including private portfolio or account details, and review the hosted service's trustworthiness before relying on it.
