Systematic investment-value analysis of listed companies, supporting A-shares, Hong Kong stocks and US stocks
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its stock-analysis purpose, but its report generator can leave a web server running and does not safely constrain report filenames.
Install only if you are comfortable with it contacting public finance websites and generating local reports. Do not expose port 8888 publicly, stop the HTTP server after use, and use ordinary stock codes/company names rather than arbitrary path-like input. Treat the investment outputs as informational, not financial advice.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A download server may continue running after the analysis and could expose generated reports wherever port 8888 is reachable.
The trailing ampersand starts a background HTTP server for the report directory; the script checks whether one is already running but provides no stop, cleanup, or localhost-only binding.
cd "$REPORT_DIR" && python3 -m http.server $HTTP_PORT > /tmp/http-server.log 2>&1 &
Ask before starting the server, bind it to 127.0.0.1 by default, print a clear stop command, and shut it down automatically after use when possible.
A crafted company name or stock code could write a report outside the intended reports folder or inject unwanted HTML/JavaScript into a report opened in the browser.
User-supplied stock code and company name are used directly in both the output filename and generated HTML without validation, path canonicalization, or HTML escaping.
STOCK_CODE=$1; COMPANY_NAME=$2; ... HTML_FILE="$REPORT_DIR/${COMPANY_NAME}_${STOCK_CODE}.html" ... <title>$COMPANY_NAME ($STOCK_CODE) 投资价值分析报告</title>
Whitelist safe ticker characters, sanitize company names for filenames, verify the resolved path stays under the report directory, and HTML-escape all user-controlled values.
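A hardened version of the two shell fragments quoted in the first two findings, added here as an illustration and not taken from the skill: it whitelists the stock code, sanitises the company name before it becomes a filename component, checks that the resolved path stays under the report directory, HTML-escapes both values in the generated page, and starts the report server on 127.0.0.1 only with a recorded PID and a printed stop command. The function names, the REPORT_DIR default and the accepted ticker shapes are assumptions for this example; `--bind` is a real option of `python3 -m http.server`.

```shell
#!/bin/sh
# Added example, not the skill's own script: hardened handling of the
# user-supplied stock code and company name before either reaches a
# filename or the generated HTML, plus a loopback-only, stoppable report
# server. Function names, REPORT_DIR and the accepted ticker shapes are
# assumptions for this illustration.
set -eu

REPORT_DIR="${REPORT_DIR:-/tmp/stock-reports}"   # assumed report location
mkdir -p "$REPORT_DIR"

# Whitelist: 5-6 digits with an optional ".XX" exchange suffix (A-share/HK
# style) or 1-5 uppercase letters (US style). Anything else is rejected,
# not cleaned, so "../" or "<" never reaches a path or the HTML.
validate_stock_code() {
  printf '%s' "$1" | grep -Eq '^([0-9]{5,6}(\.[A-Z]{2})?|[A-Z]{1,5})$'
}

# Company names are free text, so they are sanitised for use as a filename
# component: drop path separators, backslashes and control characters,
# strip leading dots (no "..", no hidden files), replace whitespace with
# "_", cap the length, and fall back to "report" if nothing is left.
# Non-ASCII letters are kept, so names such as 贵州茅台 survive.
sanitize_company_name() {
  cleaned=$(printf '%s' "$1" | tr -d '/\\\001-\037' \
            | sed 's/^\.*//; s/[[:space:]]\{1,\}/_/g' | cut -c1-64)
  printf '%s' "${cleaned:-report}"
}

# Canonicalise the target's directory with cd -P and require it to sit
# under the (also canonicalised) report directory. Sanitising alone keeps
# traversal out by construction; this check makes the guarantee explicit
# and catches mistakes elsewhere in the script.
path_is_under_report_dir() {
  base=$(cd -P -- "$REPORT_DIR" && pwd) || return 1
  target_dir=$(cd -P -- "$(dirname "$1")" 2>/dev/null && pwd) || return 1
  target="$target_dir/$(basename "$1")"
  case "$target" in
    "$base"/*) return 0 ;;
    *) return 1 ;;
  esac
}

# Escape the five characters that matter in HTML text and attributes.
html_escape() {
  printf '%s' "$1" | sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g; s/"/\&quot;/g; s/'"'"'/\&#39;/g'
}

# Build the report with validated/sanitised values in the path and escaped
# values in the HTML; prints the report path on success.
build_report() {
  code=$1
  name=$2
  validate_stock_code "$code" || { echo "rejected stock code: $code" >&2; return 1; }
  safe_name=$(sanitize_company_name "$name")
  html_file="$REPORT_DIR/${safe_name}_${code}.html"
  path_is_under_report_dir "$html_file" || { echo "path escapes report dir" >&2; return 1; }
  printf '<!doctype html>\n<title>%s (%s) Investment Value Analysis Report</title>\n' \
    "$(html_escape "$name")" "$(html_escape "$code")" > "$html_file"
  printf '%s\n' "$html_file"
}

# Serve the reports on loopback only, record the PID, and print the stop
# command instead of leaving a silent background process behind.
serve_reports() {
  port=${1:-8888}
  (cd "$REPORT_DIR" && exec python3 -m http.server --bind 127.0.0.1 "$port") \
    > /tmp/http-server.log 2>&1 &
  echo $! > "$REPORT_DIR/.server.pid"
  echo "Serving $REPORT_DIR on http://127.0.0.1:$port"
  echo "Stop with: kill \$(cat $REPORT_DIR/.server.pid)"
}

stop_reports() {
  [ -f "$REPORT_DIR/.server.pid" ] || return 0
  kill "$(cat "$REPORT_DIR/.server.pid")" 2>/dev/null || true
  rm -f "$REPORT_DIR/.server.pid"
}

# Usage from the skill's main script (calls not executed here):
#   build_report 600519 'Kweichow Moutai'
#   serve_reports 8888
#   stop_reports
```

Rejecting rather than cleaning the stock code is deliberate: tickers have a small, well-defined shape, so any input outside it is more likely an injection attempt or a typo than a legitimate security. The company name cannot be whitelisted the same way, which is why it is sanitised for the filename, escaped separately for the HTML, and never trusted to keep the path inside the report directory on its own.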
The skill may fail or behave differently if the host lacks the required command-line tools, and users may not see those requirements before installation.
These runtime dependencies are listed in the skill text, while the registry requirements declare no required binaries and no install spec; this is a packaging/provenance gap rather than evidence of malicious behavior.
## Dependencies
- curl (required)
- jq (recommended)
- bc (required)
- python3 (required, for the HTTP server)
Declare required binaries in metadata, align SKILL.md/_meta/registry version numbers, and document the report-server dependency clearly.
