Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
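Hong Kong Bank Deposit Rate Query
v1.1.0
Queries Hong Kong bank deposit rates. Triggered when the user asks to query bank rates, deposit rates, fixed-deposit rates, openclaw, or to set a rate reminder.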
by @laosji
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's purpose (query bank rates and set reminders) matches the described WebFetch and scheduling behavior. However, it explicitly depends on a Notion database (Notion Database ID and Data Source ID) but the skill declares no required credentials or environment variables for accessing Notion. Reaching a private Notion database normally requires an API token; the absence of any declared credential is an inconsistency.
Instruction Scope
SKILL.md instructs the agent to read and write a cache file at ~/.claude/hk-bank-rates-cache.json, to fetch data from Notion via 'notion-fetch', to perform arbitrary WebFetch scrapes of bank websites, and to create/manage scheduled tasks. Those actions go beyond a simple query helper: they persist potentially sensitive scraped content to disk and run recurring autonomous tasks. The skill's metadata did not declare the use of this filesystem path or that it will create scheduled background tasks.
Install Mechanism
There is no install spec and no code files — instruction-only. That minimizes supply-chain risk because nothing is downloaded or installed by the skill itself.
Credentials
The instructions require access to a Notion database but list no env vars (no NOTION_TOKEN or similar). The skill also uses the user's home directory (~/.claude) for cache storage without declaring config paths. While the skill does not request API keys or other secrets explicitly, the lack of declared credentials for Notion is a proportionality/clarity problem: either the platform supplies Notion access implicitly (not documented) or the skill is missing an essential declared requirement.
Persistence & Privilege
The skill will create a scheduled task (taskId: hk-bank-rate-monitor) which gives it recurring autonomous execution and it will read/write ~/.claude/hk-bank-rates-cache.json on each run. 'always' is false, so it's not force-installed, but scheduled tasks plus local cache persistence increase the blast radius if the task or cache handling is abused. This is expected for a monitoring skill but should be made explicit and auditable.
What to consider before installing
Before installing, ask the developer or manifest to clarify:
(1) How will the skill access the Notion database? It references a Notion DB ID but declares no credentials — you should expect to provide a NOTION_TOKEN or to confirm the platform supplies secure Notion access.
(2) The skill writes and later reads ~/.claude/hk-bank-rates-cache.json — review what data will be stored (it may include raw scraped page text) and whether you’re comfortable with that being written to your home directory.
(3) The skill creates a scheduled task named hk-bank-rate-monitor that will run periodically and perform network fetches and file writes — confirm you want that persistent background behavior.
(4) Because the skill comes from an unknown source with no homepage, prefer running it in a restricted/sandboxed agent or request the full source (or a manifest that lists required env vars and exact fetch behavior) before granting permission.
If any of these points are unclear or you cannot verify the Notion access method, treat the skill as risky and do not enable scheduled/background execution or filesystem writes until resolved.
Like a lobster shell, security has layers — review code before you run it.
