Hk Ipo Research Assistant

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: hk-ipo-research-assistant
Version: 0.1.1

The skill is classified as suspicious primarily due to a potential prompt injection vulnerability against the AI agent, as described in `SKILL.md`. The instructions explicitly direct the agent to ask the user for sensitive financial information (capital, risk preference, broker) and then to "把答案写入 `scripts/config/user-profile.yaml`" (write the answers to `scripts/config/user-profile.yaml`). If the AI agent writes raw, unsanitized user input directly into this YAML configuration file, it could lead to YAML injection, potentially allowing a malicious user to compromise the agent or the local environment when the file is later processed. While the Python code uses `yaml.safe_load` for reading, this mitigates only some, but not all, forms of YAML injection. Additionally, the local storage of sensitive user financial data (capital, broker) in `scripts/config/user-profile.yaml` is a risk, even if not immediately exfiltrated. The extensive network access to various financial data sources is expected for the skill's stated purpose and does not show signs of malicious intent.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing dependencies may add third-party Python packages to the user's environment.

Why it was flagged

The skill asks the user to install Python dependencies before use. This is purpose-aligned for a Python CLI tool, but dependency installation can execute third-party package code and should be reviewed.

Skill content
pip install -r scripts/requirements.txt
Recommendation

Review scripts/requirements.txt before installing and use a virtual environment or other isolated Python environment.

What this means

IPO symbols or company names used in queries may be visible to the third-party data providers contacted by the tool.

Why it was flagged

The CLI fetches data from third-party financial websites. This is expected for real-time IPO research, but stock codes and query parameters are sent to external services.

Skill content
BASE_URL = "https://aipo.myiqdii.com" ... resp = client.get(f"{BASE_URL}{endpoint}", params=params, headers=self._get_headers())
Recommendation

Use it only for data you are comfortable querying through public financial-data sites, and verify important investment information from official sources.

What this means

Personal financial preferences may remain on disk and be reused in future IPO analysis.

Why it was flagged

The skill can persist a user's capital amount, risk preference, margin preference, and broker in a local profile file for later analysis.

Skill content
Ask the user: capital, risk preference, whether to use margin (孖展), broker ... write the answers to `scripts/config/user-profile.yaml`
Recommendation

Do not store secrets or account credentials in the profile file; review, edit, or delete scripts/config/user-profile.yaml when the stored profile is no longer needed.