stock-industry-analyzer
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: stock-industry-analyzer Version: 1.0.0 The bundle is a functional stock and industry analysis tool that uses legitimate financial data libraries (akshare, pandas) and a local SQLite database. While several scripts (run_analysis.py, run_simple.py, and test_debug.py) contain hardcoded local Windows file paths (e.g., C:\Users\l31408\...), these appear to be unintentional development artifacts left over from the author's environment rather than malicious indicators. The code lacks any evidence of data exfiltration, unauthorized network communication, or prompt injection attempts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may believe the report is based on fresh news when parts of it are static or generated, which is especially risky for investment-related decisions.
The fetcher labels hardcoded template items as realtime news rather than actually fetching those articles, while the skill is described as automatically collecting current domestic and international financial news.
news_templates = [ ... {"title": "宁德时代发布新一代电池技术,续航突破1000公里", ... "url": "https://finance.eastmoney.com/a/20260313.html"} ... ]; ... "api_source": "realtime"Treat the reports as demo or educational output unless the news-fetching code is replaced with verified live data sources and clearly labels mock/static data.
The skill may produce persuasive-looking buy/avoid guidance from random values, causing users to overtrust unreliable financial analysis.
Technical indicators used in the analysis are randomized rather than calculated from actual historical price data, yet the skill generates stock scores and suggestions.
ma5 = price * random.uniform(0.98, 1.02) ma10 = price * random.uniform(0.96, 1.04) ma20 = price * random.uniform(0.94, 1.06) rsi = random.uniform(30, 80)
Do not rely on the generated recommendations for trading; require transparent, deterministic indicator calculations from real historical market data.
Dependency changes could affect behavior or reliability over time.
The dependency list uses lower-bound version ranges and no lockfile, so future installs may pull newer package versions. The packages are purpose-aligned for financial data and analysis.
akshare>=1.12.0 pandas>=1.5.0 jieba>=0.42.0 yfinance>=0.2.0
Install in an isolated environment and prefer pinned, reviewed dependency versions for repeatable behavior.
Local reports and databases may accumulate stale or incorrect market context over time.
The skill is designed to keep local news, trend, stock, report, and log data for long periods. This is disclosed and fits the historical-analysis purpose.
"data_retention": { "news": "永久", "industry_trend": "永久", "stock_kline": "永久", "reports": "3年", "logs": "1年" }Periodically review and clean the local data store, especially if the skill is used for ongoing analysis.
If scheduled, the skill will keep fetching/analyzing and writing local data on a recurring basis.
The skill documents optional periodic execution through cron. This is disclosed and user-configured, not hidden background persistence.
每30分钟自动更新(可通过cron设置) ... /30 * * * * python /path/to/main.py
Only enable the cron schedule if you want ongoing background analysis, and disable it when no longer needed.