A股上市公司公告
PassAudited by ClawScan on May 1, 2026.
Overview
This skill coherently queries public Chinese stock-exchange announcement APIs and does not show credential use, persistence, destructive actions, or hidden behavior.
This appears safe for its stated purpose of retrieving public SZSE/SSE announcements. Before installing, be aware that your query terms are sent to external exchange websites and that dependencies are not pinned to exact versions.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your stock-query terms may be sent to the exchange websites to retrieve public announcement data.
The plugin sends user-provided query parameters such as stock codes, keywords, dates, and limits to external exchange APIs. This is expected for the stated announcement-query purpose and does not show account mutation or credential use.
resp = requests.post(url, headers=headers, json=payload, timeout=10)
Use the skill for public stock-announcement lookups and avoid putting private or unrelated sensitive information into keyword searches.
Installing dependencies later could pull newer package versions than the author tested.
The dependency versions are lower-bounded rather than pinned, which can allow different package versions to be installed over time. The artifacts do not show automatic installation or suspicious dependency use.
requests>=2.25.1 openclaw>=2026.3.12
Install dependencies from trusted package indexes and consider pinning exact versions in a controlled environment if reproducibility matters.