Skill v2.0.0

ClawScan security

China Stock Smallcap · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 14, 2026, 7:16 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (selecting small-cap A-share stocks via Eastmoney public API); it requires only Python and makes expected network requests, with one minor packaging/path inconsistency to fix.
Guidance
This skill appears coherent and implements what it claims: a public-source small-cap stock selector that queries Eastmoney and returns JSON. Before installing, note: (1) the SKILL.md references a scripts/ path but the provided file is at the package root — you may need to correct the path or move the file; (2) the script makes outbound HTTP requests to push2.eastmoney.com (normal for market data) — confirm you are comfortable with that network access; (3) no credentials or sensitive local files are accessed by the skill, and outputs are explicitly labeled as not investment advice. If you need higher assurance, inspect the included a_share_public_selector.py yourself or run it in an isolated environment. If the skill ever requests tokens, env secrets, or downloads code from external URLs, treat that as a red flag and re-evaluate.
Findings
[no_pre_scan_findings] expected: Static pre-scan found no injection signals. Given this is a small Python script that fetches a public API and has no credential use, that's expected.

Review Dimensions

Purpose & Capability
ok
Name/description, SKILL.md, and the included Python script all implement a public-source small-cap stock selector that queries Eastmoney's public API. Requested resources (python) and no credentials are proportionate to the claimed functionality.
Instruction Scope
note
SKILL.md instructs the agent to run a script and to use web_search/web_fetch for supplemental info; these are within the skill's purpose. Minor inconsistency: SKILL.md references {baseDir}/scripts/a_share_public_selector.py while the package contains a_share_public_selector.py at the top level; this may cause runtime failures or require path adjustment.
Install Mechanism
ok
No install spec and only an instruction-only runtime plus a single Python file; nothing is downloaded or written to disk at install time. This is low-risk and proportional.
Credentials
ok
The skill does not request environment variables, credentials, or config paths. It only performs outbound HTTP requests to Eastmoney, which is expected for market-data retrieval.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated persistence or modify other skills. Model invocation is allowed (platform default), which is normal for skills.