Finnhub Pro
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: finnhub-pro Version: 1.1.0 The skill is a legitimate CLI wrapper for the Finnhub financial API, providing access to stock quotes, company news, and financial metrics. The implementation in `scripts/finnhub_cli.py` uses the official `finnhub-python` library, follows standard practices for API key management via environment variables, and contains no evidence of malicious execution, data exfiltration, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Requests made by the CLI use the user's Finnhub API key and may count against that account's quota.
The skill relies on a user-provided Finnhub API key, which is expected for Finnhub API access, but users should notice that their API account and rate limits are involved.
设置环境变量:`export FINNHUB_API_KEY="your-key-here"` ... 或写入 `~/.openclaw/.env` ... 必须通过环境变量 `FINNHUB_API_KEY` 传入
Use a dedicated Finnhub key if possible, keep it out of shared logs and repositories, and store it only in a protected environment variable or local config file.
The installed package becomes part of the local execution path for the CLI.
The skill asks users to install an external PyPI dependency without a pinned version; this is central to the skill's purpose but still creates normal package-provenance risk.
pip install finnhub-python
Install `finnhub-python` from the official package source, consider using a virtual environment, and pin a known-good version if reproducibility matters.
Finnhub can see the symbols, searches, and date ranges requested through the CLI.
The script sends user-selected symbols and other query parameters to Finnhub through its API client; this is disclosed and purpose-aligned.
client = finnhub.Client(api_key=API_KEY) ... q = client.quote(symbol.upper())
Avoid querying symbols or search terms you would not want sent to Finnhub, and review Finnhub's privacy and API terms if that matters for your use.