Skill v1.0.0
ClawScan security
A Stock Market · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 7:14 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code and runtime behavior match its purpose (fetching A‑share quotes via a public Tencent API) and there is no sign of hidden exfiltration, but documentation inconsistencies and an optional sudo-based install step deserve attention.
- Guidance: This skill's code simply fetches and parses stock quotes from a public Tencent endpoint and prints them — that matches the core purpose. Before installing: (1) note the documentation mismatch (SKILL.md mentions Sina but the script uses qt.gtimg.cn/Tencent); (2) avoid blindly running the suggested sudo ln -sf /usr/local/bin/... command — inspect the a-stock.py file first and, if you prefer, run it directly from the skill directory without creating a system-wide symlink; (3) be aware the script makes outbound HTTP requests (no credentials used), so if you need to restrict network access, run it in a sandbox or environment where outbound requests are controlled; (4) if you need higher assurance, verify the skill source (publisher) or obtain the script from a trusted repository before placing it in a system path.
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose (fetch A‑share quotes) matches the included script, which queries a public finance endpoint and formats results. However, SKILL.md claims 'Sina Finance' while the README and the code actually use Tencent's API (https://qt.gtimg.cn). This is a documentation inconsistency but does not change the observable behavior.
- Instruction Scope (ok): Runtime instructions and the script only perform HTTP GET requests to a public finance endpoint, parse the returned text, and print formatted output. The SKILL.md/README examples and the a-stock.py script do not read unrelated files or environment variables, and do not send data to unexpected endpoints.
- Install Mechanism (note): There is no formal install spec (instruction-only skill), and the code is included in the package. The README suggests creating a symlink into /usr/local/bin with sudo — that step writes to a system path and requires elevated privileges; it is optional but worth caution. The skill does not download or execute remote code during install.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. The network access it needs (public HTTP requests to a finance endpoint) is proportional to its stated function.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request persistent elevated privileges. It does not modify other skills or system-wide agent settings.
