v0.1.1

Stock Analysis China

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:39 AM.

Analysis

The skill is mostly aligned with stock analysis, but it can prompt automatic setup/install commands and overwrite persistent portfolio data from OCR before clear confirmation.

Guidance

Before installing, review and approve any setup commands yourself, preferably in an isolated Python environment rather than global/system installs. Verify screenshot-recognized holdings before allowing the skill to save them, and back up or inspect the portfolio JSON because it contains sensitive financial data used for later analysis.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: High | Confidence: Medium | Status: Concern
SKILL.md
Check whether a JSON file exists under the `SKILL_ROOT/data/` directory and whether that JSON file is empty; if it is empty, first perform the environment-configuration steps from the "Environment Dependencies and Troubleshooting" section.

This tells the agent to run environment-configuration steps during normal skill activation based on local data state, rather than only during explicit user-approved installation.

User impact: The agent may attempt to modify the local environment when the portfolio file is missing or empty.
Recommendation: Require explicit user approval before any setup command, and separate installation instructions from the normal analysis workflow.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
AKShare | Latest | ... `pip install akshare pandas` ... sharp | 0.30+ | ... `npm install sharp -g` ... Tesseract OCR | 5.0+ | ... `winget install UB-Mannheim.TesseractOCR`

The skill documents unpinned package and global/system installs even though the provided install specification declares this as an instruction-only skill with no required binaries.

User impact: Installing unpinned or global dependencies can change the user’s machine and depends on external package provenance.
Recommendation: Declare dependencies in metadata/install specs, pin versions where practical, avoid global installs by default, and make setup a user-reviewed step.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/stock_analysis_core.py
df = ak.stock_zh_index_spot_em() ... df = ak.stock_zh_a_spot_em() ... ak.stock_zh_a_hist(symbol=code, period='daily'

The script queries AKShare for market and historical stock data; this is purpose-aligned for stock analysis but is still external provider/tool use.

User impact: Stock codes being analyzed may be sent to or requested through the market-data provider library.
Recommendation: Use only if the user is comfortable with AKShare-based market-data access, and disclose provider use in user-facing output.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Concern
scripts/portfolio_update.py
Update holdings from AI recognition results (overwrite-style update) ... PORTFOLIO_PATH = SKILL_DATA / 'positions_portfolio.json' ... json.dump(data, f, ensure_ascii=False, indent=2)

AI-recognized holdings are written persistently to a portfolio JSON file, and the update path is explicitly overwrite-style.

User impact: A misread screenshot or incorrect extraction can overwrite stored holdings and influence future financial analysis.
Recommendation: Confirm recognized holdings before writing, keep backups or a change history, and clearly tell users where sensitive portfolio data is stored.