TV Signal Screener
PassAudited by ClawScan on May 10, 2026.
Overview
This market-screening skill is coherent and does not request credentials or trade on your behalf, but it installs Python dependencies and evaluates user-defined pandas signal expressions.
Before installing, be comfortable with running the local setup script and installing the listed Python packages. Only run signal YAML files you trust, because their expressions are evaluated against downloaded market data. The skill appears to screen and report market data only; it does not show the ability to place trades or modify accounts.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or poorly written signal file could cause unexpected filtering results or errors, though the provided code does not show arbitrary shell execution or data exfiltration.
Custom signal expressions from YAML are evaluated with pandas. This matches the documented signal-expression purpose and includes validation, but expression evaluation is a sensitive capability if untrusted YAML is used.
mask = df.eval(resolved_expr)
Use signal YAML files you trust, keep expressions simple, and consider strengthening validation to explicitly allow only documented methods and operators.
The skill’s behavior could change if an upstream Python package releases a new version, even though the install is isolated in the skill’s virtual environment.
Dependencies are specified with minimum versions rather than pinned versions or hashes, so future installs may resolve to newer package versions than the reviewed ones.
tvscreener>=0.2.0 pandas>=2.0.0 pyyaml>=6.0 pytest>=7.0.0
Install in the disclosed venv, review resolved package versions, and prefer pinned versions or a lockfile for reproducible installs.