Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
getmeastock
v1.0.0 · A comprehensive A-share stock analysis tool providing 7 core modules (core financials, technical indicators, valuation analysis, shareholder holdings, market heat, broker earnings forecasts, K-line charts) plus multi-dimensional analysis of financial reports, announcements, news, and exchange interactive Q&A.
⭐ 0 · 67 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill description promises A-share analysis but the bundle is a 'prana' encapsulation that contains no business logic locally; instead the provided Python/Node thin clients forward user requests to a remote service (using an embedded skill_key). That design is coherent for an encapsulated skill.
Instruction Scope
SKILL.md instructs running the thin client (Python or Node). The clients will read environment variables, read/write config/api_key.txt, auto-fetch API keys via GET /api/v1/api-keys, and POST user messages and skill_key to the remote Claw/Prana API. These operations are expected for a remote-executed skill but they do transmit user inputs and may persist credentials locally — users should be aware of that data flow.
Install Mechanism
No complex install spec; Node runner requires npm install to get a small 'yaml' dependency. No downloads from arbitrary URLs or extract operations are present in the package. This is low-to-moderate install risk, typical for a Node thin client.
Credentials
No required env vars are declared, but the scripts optionally use many environment variables (NEXT_PUBLIC_URL, PRANA_SKILL_PUBLIC_KEY/SECRET_KEY/PRANA_SKILL_API_KEY, ACCOUNT_ID, flags to disable auto-fetch or prevent writing to disk). The optional envs are relevant to credential management and endpoint selection, but the default behavior will attempt an unauthenticated GET to a default base URL to obtain API keys and will write credentials to config/api_key.txt unless configured otherwise — this is powerful and worth review.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges, but both clients will persist API credentials into config/api_key.txt by default and will perform network calls. Persisting secrets to disk and automatic fetching of keys increases persistence of sensitive data on the host and should be considered by the user.
Scan Findings in Context
[no_regex_findings] expected: Static pre-scan reported no injection signals; the package contains clear network and filesystem operations in plain JS/Python rather than obfuscated code, which is expected for a thin remote client.
Assessment
This package is a thin client that forwards user input to a remote Prana/Claw service and will attempt to obtain and persist API credentials locally. Before installing or running it:
1) Verify the remote base URL (default is https://claw-uat.ebonex.io/): ensure you trust that endpoint or override NEXT_PUBLIC_URL to a known production endpoint.
2) Prefer setting PRANA_SKILL_PUBLIC_KEY and PRANA_SKILL_SECRET_KEY (or PRANA_SKILL_API_KEY) instead of relying on the client's auto-fetch.
3) If you do allow auto-fetch, set PRANA_SKILL_SKIP_WRITE_API_KEY=1 to avoid persisting secrets to disk, or run in an isolated environment/VM.
4) Do not commit config/api_key.txt to source control.
5) Review the embedded ENCAPSULATION_EMBEDDED skill_key (getmeastock / getmeastock_public) and confirm it matches the service you expect.
6) Avoid running npm install / executing scripts from untrusted origins; inspect the scripts if provenance is unclear.
If you need higher assurance about where data goes or who controls the backend, ask the skill provider for a verified homepage/origin and a production endpoint.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/prana_skill_client.js:26: Environment variable access combined with network send.
scripts/prana_skill_client.js:94: File read combined with network send (possible exfiltration).
latest: vk979nb9mg17wrqztq0269nd2qx83pe0j
