Skill v0.1.1
ClawScan security
YahooClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 10:41 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill appears to implement a Yahoo Finance client using a standard npm library, but its documentation and SKILL.md claim features (failover, caching, API manager, Alpha Vantage backup) and installation behavior that are not present or not declared, and the package contains naming/missing-file inconsistencies and a prompt-injection signal in SKILL.md.
- Guidance: This skill largely looks like a typical Yahoo Finance wrapper (it imports the standard yahoo-finance2 npm package and provides quote/history/news/technical modules), but there are multiple inconsistencies you should resolve before installing or running it in a production agent:
  - Documentation vs. code mismatch: README and SKILL.md claim features (automatic failover, APIManager, smart caching, Alpha Vantage fallback) that are either not implemented or reference missing files (e.g., APIManager, src/yahoo-finance.js). Expect runtime errors or incomplete behavior.
  - Install ambiguity: The registry says 'no install spec' but package.json declares dependencies. Ensure npm install (or equivalent) is run in a controlled environment so dependencies are present; do not run arbitrary install commands on a sensitive host without review.
  - Prompt-injection artifact: SKILL.md contained unicode control characters flagged by the scanner. Inspect SKILL.md in a text editor that can show hidden characters; remove or sanitize them if unnecessary.
  - Safety checks: Review the source code yourself (or have a developer do so). Verify which network endpoints are called (yahoo-finance2 contacts Yahoo Finance endpoints) and that no unexpected endpoints or credential exfiltration exist. Run the skill in a sandboxed environment first, and monitor network traffic and failures.
  - If you rely on the advertised advanced features (caching, failover, APIManager), request clarification from the owner or wait for a version where code and docs are consistent. If you proceed, run npm install and tests in an isolated environment and verify expected behavior before enabling it in an agent that has access to sensitive data.
- Findings
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters flagged by the scanner. This is not required for a Yahoo Finance integration and can be used to obfuscate or manipulate parsers; review the raw SKILL.md for hidden characters before installing.
Review Dimensions
- Purpose & Capability (concern): Name/description match the code's apparent purpose (Yahoo Finance integration). However, README and SKILL.md claim extra capabilities (automatic failover, APIManager, smart caching, Alpha Vantage backup, 'news + sentiment' implemented, some of which exist in parts) that are not consistently implemented in the codebase. Several references (APIManager, src/yahoo-finance.js) appear in tests/scripts/docs but the corresponding files are missing from the manifest. The repository therefore over-promises features not present in the delivered code.
- Instruction Scope (note): SKILL.md gives usage examples and optional env vars (API key, proxies) and does not instruct the agent to access unrelated system files or credentials. That scope is appropriate. However, the SKILL.md contained a pre-scan prompt-injection signal (unicode-control-chars), which is suspicious and should be reviewed; additionally, the docs instruct to run npm install and reference files that are not present, so runtime instructions may fail or behave unexpectedly.
- Install Mechanism (concern): Registry metadata states 'no install spec — instruction-only', but the package includes package.json and source files with npm dependencies (yahoo-finance2, dotenv). There is no declared install mechanism despite the code requiring npm dependencies. This mismatch means automated installers may not run npm install, or the skill may fail at runtime. Scripts in package.json reference files (src/yahoo-finance.js) that don't exist, increasing the chance of runtime errors. The actual dependency (yahoo-finance2) is a standard npm package (moderate risk), but the missing install spec and inconsistent scripts are a red flag.
- Credentials (ok): The skill does not require any environment variables by registry metadata; SKILL.md documents optional variables (YAHOO_FINANCE_API_KEY, HTTP(S)_PROXY, ALPHA_VANTAGE_API_KEY) which are reasonable and proportionate for a data-fetching skill. There are no unexplained secret requests. Note: documentation mentions Alpha Vantage as backup, but the delivered modules primarily use yahoo-finance2 and do not clearly implement the fallback; this is a functionality mismatch rather than an overbroad credential request.
- Persistence & Privilege (ok): The skill is not flagged always:true and does not request persistent elevated privileges. It appears to be a normal user-invocable skill and does not request to modify other skills or system-wide settings. Autonomous invocation is allowed by default (disable-model-invocation: false), which is normal for skills.
