v1.0.3

mapulse-korea

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 8:23 AM.

Analysis

This appears to be a real Korean stock-analysis Telegram bot, but users should review it because it stores user query history and has broad Telegram group access and scheduled messaging behavior.

Guidance: Before installing, review the SQLite data it keeps, decide whether storing query history is acceptable, set ALLOWED_GROUPS if the bot may be added to Telegram groups, and enable cron/public push features only after confirming recipients and frequency.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
SKILL.md
The skill includes cron scripts that send scheduled briefings to your bot's own users ... None of these run automatically. You opt in by adding them to your crontab.

The skill includes background scheduled messaging capability, but it is disclosed as optional and user-scheduled.

User impact: If enabled, scheduled jobs can send briefings or alerts to Telegram users without per-message confirmation.
Recommendation: Only enable cron jobs after reviewing recipients, opt-out behavior, and message frequency.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
pip install python-telegram-bot pykrx requests beautifulsoup4

The setup uses unpinned package installs. This is common and central to the bot, but users do not get locked dependency versions.

User impact: Future package changes could affect behavior or security of the bot installation.
Recommendation: Install in a virtual environment and prefer pinned, reviewed dependency versions for production use.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: Medium | Status: Concern
bot/mapulse_bot.py
# ... if empty, allow DMs only ... if not ALLOWED_GROUPS: return True  # whitelist not set → allow all

The provided group-access helper allows all groups when ALLOWED_GROUPS is unset, while a nearby comment says an empty setting should allow DMs only.

User impact: If the bot is added to groups without ALLOWED_GROUPS configured, it may respond to and store data from a broader Telegram audience than the operator intended.
Recommendation: Set ALLOWED_GROUPS explicitly before deployment, or change the default to private chats only and document the default clearly.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Concern
scripts/claude_ai.py
query_history TEXT DEFAULT '[]' ... "q": query_text[:100] ... prefs["query_history"] = history[-20:]

The code stores the last 20 user query snippets with language and timestamps for later preference use. SKILL.md discloses user profiles and focus stocks, but not persistent query history.

User impact: Users' financial questions and interests may be retained locally and reused for personalization beyond what they may expect from the persistence summary.
Recommendation: Clearly disclose query-history storage, retention, and deletion controls; allow users or operators to disable or purge this memory.