Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A Stock Daily Review
v2.0.0 Automatically pushes a comprehensive A-share market analysis and technical commentary on held positions every evening, helping short-term investors plan the next trading day.
⭐ 0 · 293 · 0 current · 0 all-time
by @lkx161
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims automatic nightly push to WeChat and real-time market analysis. It lists plausible dependency skills for market data and analysis, but it does not declare any mechanism, credentials, or config for sending messages to WeChat or for scheduling — so the claimed delivery capability is unexplained. Requiring the user to edit ~/.clawdbot/skills/a-stock-analysis/portfolio.json is reasonable for holding positions, but the automatic push and scheduling parts are not documented or justified.
Instruction Scope
SKILL.md and README instruct the user/agent to install other skills via 'npx clawhub install ...', to edit a portfolio file under the user's home (~/.clawdbot/...), and claim the skill will run nightly at 21:00 UTC. The instructions do not show how scheduling is configured, where WeChat credentials are stored, or which component will perform the push. Asking the agent/user to edit files in the home directory is within scope for a portfolio feature, but it also exposes a local path that would be read/written at runtime — the skill's instructions give the agent discretion to modify that config without documenting safeguards.
Install Mechanism
There is no formal install spec in the registry entry, but the README/SKILL.md tell users to run 'npx clawhub install ...' to pull dependency skills. npx fetches the named package and its dependencies from the npm registry and executes them, including any install-time lifecycle scripts, so it can run arbitrary code on the host; the skill provides no integrity check or pinned versions for those installs. Because this entry is instruction-only, there is no bundled code to analyze, but the recommended npx install of multiple third-party skills increases risk unless those packages and the 'clawhub' tool itself are trusted and audited.
Credentials
The skill declares no required environment variables or credentials, yet it promises real-time market data and WeChat delivery. Real-time market feeds and WeChat pushing normally require API keys/tokens and/or gateway configuration. The omission of any credential requirements is disproportionate to claimed functionality. It is possible that the referenced dependency skills handle credentials, but this is not documented here — the user cannot tell which secrets will be needed or where they'd be stored.
Persistence & Privilege
The skill is not force-enabled (always:false) and does not claim to modify other skills' configs. It does request writing/reading a portfolio file under ~/.clawdbot/skills, and asks the user to restart the Gateway to enable the skill — this implies runtime integration but not excessive privileged persistence. That said, installing dependency skills via npx could result in additional persistent code on disk outside this skill's manifest.
What to consider before installing
Key things to check before installing:
- Ask where WeChat delivery is configured and how credentials are stored. This skill promises automatic nightly pushes but does not declare any WeChat API token or scheduling setup.
- Inspect the dependent skills (a-stock-trading-assistant, a-stock-market, china-stock-analysis, china-a-stock-trader, a-share-signal). They may require API keys, broker credentials, or network endpoints; review their manifests and code before installing.
- Be cautious about running the suggested 'npx clawhub install ...' commands: npx pulls and executes code from npm. Only run them if you trust the 'clawhub' tool and the specific packages and versions.
- Review and backup ~/.clawdbot/skills/.../portfolio.json before editing. Ensure it does not contain sensitive credentials and that the skill will not overwrite unrelated files.
- Request clarification from the author (or provider) about: exact scheduling mechanism, required credentials (WeChat, market data, broker), where credentials are stored, and whether the skill or its dependencies will open external network endpoints.
- If you cannot validate the sources of the dependency skills or the WeChat delivery mechanism, do not install them, or run them only in an isolated test environment.
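The two file-level checks in this list (inspect a dependency skill's package before letting npx run it, and confirm portfolio.json holds no credentials) can be scripted. The following is an added example written for this review, not code from ClawHub or from the a-stock skill. It assumes you have already obtained a dependency's package.json (for instance by extracting the tarball that `npm pack <name>@<version>` downloads) and reads it from a dict; the manifest, package names, scripts and portfolio contents below are constructed for illustration, and nothing is fetched from the network.

```python
"""Pre-install checks for an npm-distributed skill and a local portfolio file.

Added example, not part of the ClawHub page or the a-stock skill. It audits a
package.json dict for install-time code execution and unpinned dependencies, and
walks a portfolio.json dict for keys that look like credentials. All sample data
below is constructed; the package name and scripts are hypothetical.
"""
import json
import re

# Lifecycle scripts npm runs automatically during install. Any of these executes
# arbitrary code on the machine that runs `npx` or `npm install`.
LIFECYCLE_SCRIPTS = ("preinstall", "install", "postinstall", "prepare")

# Only an exact semver (optionally with pre-release/build suffix) is considered pinned;
# ranges, tags, git and URL specs can resolve to different code on each install.
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")

# Key names that usually carry a secret and therefore do not belong in portfolio.json.
SECRET_KEY_PATTERN = re.compile(r"(token|secret|password|passwd|api[_-]?key|cookie|webhook)", re.I)


def audit_manifest(manifest: dict) -> list[str]:
    """Return human-readable findings for one package.json dict."""
    findings = []
    scripts = manifest.get("scripts") or {}
    for name in LIFECYCLE_SCRIPTS:
        if name in scripts:
            findings.append(f"lifecycle script '{name}' runs on install: {scripts[name]}")
    for section in ("dependencies", "optionalDependencies"):
        for dep, spec in (manifest.get(section) or {}).items():
            if not EXACT_VERSION.match(str(spec)):
                findings.append(f"{section}: {dep}@{spec} is not pinned to an exact version")
    for cmd in (manifest.get("bin") or {}):
        findings.append(f"installs executable on PATH: {cmd}")
    return findings


def find_secret_like_keys(obj, path: str = "") -> list[str]:
    """Walk a JSON document and return dotted paths whose key names look like secrets."""
    hits = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            here = f"{path}.{key}" if path else key
            if SECRET_KEY_PATTERN.search(key):
                hits.append(here)
            hits.extend(find_secret_like_keys(value, here))
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            hits.extend(find_secret_like_keys(value, f"{path}[{i}]"))
    return hits


# Constructed sample manifest for a hypothetical dependency skill.
SAMPLE_MANIFEST = json.loads("""
{
  "name": "example-stock-skill",
  "version": "2.0.0",
  "scripts": {"postinstall": "node scripts/setup.js", "test": "node test.js"},
  "dependencies": {"axios": "^1.6.0", "left-pad": "1.3.0"},
  "bin": {"stock-skill": "./cli.js"}
}
""")

# Constructed sample portfolio in which a delivery credential has been stored.
SAMPLE_PORTFOLIO = json.loads("""
{
  "positions": [{"code": "600519", "shares": 100}],
  "wechat": {"webhook_url": "https://example.invalid/hook", "api_key": "REDACTED"}
}
""")

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print("manifest:", finding)
    for key_path in find_secret_like_keys(SAMPLE_PORTFOLIO):
        print("portfolio has secret-like key:", key_path)
```

On the constructed manifest the audit reports the postinstall hook, the unpinned `axios` range and the `bin` entry, while the exactly pinned `left-pad` passes; the portfolio walk reports `wechat.webhook_url` and `wechat.api_key`. A finding is a prompt to read the referenced script or move the credential into the gateway's secret store, not an automatic verdict.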
