Skill v1.0.0

ClawScan security

A Stock Trading Assistant · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 30, 2026, 9:01 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly matches its A-share data/analysis purpose and uses only public finance APIs, but there are small incoherences around persistence (a referenced watchlist file is missing) and the SKILL.md asks the agent to record and later proactively re-check user alerts without declaring where/how that data is stored.
Guidance
This skill generally does what it says: it fetches A-share data from public Chinese finance sites and runs analysis with the included Python script, and it does not ask for any credentials. Before installing:
1) confirm how and where watchlists and alerts will be stored (SKILL.md references references/watchlist.md, but that file is missing) and whether those records persist across sessions;
2) be aware the agent will access the network to fetch live market data; do not provide any broker/account credentials to the skill;
3) if you plan to rely on its alerts, treat suggestions as informational only (not trading advice) and verify with your broker app;
4) if you require stronger privacy, request that the skill store alerts in a location you control, or disable proactive/automatic checks; and
5) if you are able, review and run scripts/fetch_stock.py in a sandbox to verify there is no unexpected behavior (it appears to only query public endpoints).

Review Dimensions

Purpose & Capability
note: Name/description (A股行情与分析) aligns with the included code and data-source references: the Python script fetches real-time data from Sina/东财/同花顺/雪球 as described. No unrelated binaries or credentials are requested. Minor inconsistency: SKILL.md says it will record alerts to references/watchlist.md, but that file is not present in the manifest.
Instruction Scope
concern: SKILL.md instructs the agent to fetch real-time data (via scripts/fetch_stock.py or web_fetch), which is within scope. However, it also instructs the agent to record user alert/watchlist entries and to '在后续对话中主动核对预警状态' (proactively re-check and report alert status in later conversations). That implies storing user-specific persistent data and performing future autonomous checks; the manifest provides no explicit persistence mechanism, and the referenced storage file is missing. This is scope creep relative to a pure query/analysis skill and should be clarified.
Install Mechanism
ok: No install spec (instruction-only plus a Python script), which is the lowest-risk install vector. The bundled script uses only the standard library urllib and JSON modules; no external package installs or downloads from untrusted URLs are present.
Credentials
ok: No environment variables, credentials, or config paths are required. Network access to public finance APIs is expected and proportional to the stated purpose. The script does not access local secrets or other system config.
Persistence & Privilege
concern: always:false (good). But SKILL.md's instruction to save watchlist/alerts and then '主动核对预警状态' (proactively re-check alert status) implies the skill will persist user data and potentially invoke itself later. The skill does not declare where watchlists are stored (references/watchlist.md is missing) or how long data is kept. Autonomous invocation combined with persistent user watchlists increases privacy and operational concerns and should be explicitly documented and consented to.