nonferrous-daily

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is consistent with its stated purpose of fetching public metals data and sending a Telegram briefing, but users should be aware of three things: it uses Telegram credentials, it can run on a schedule, and it keeps a local report memory.

Before installing, confirm you want automated Telegram posting, use a limited-purpose bot token, test with DRY_RUN, and verify the exact code or Git commit you run. Treat the generated market report as informational, not as verified financial advice.

Static analysis

Env credential access
Severity: Critical
Finding: Environment variable access combined with network send.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A Telegram bot token may allow posting to the configured chat or channel, depending on the bot's permissions.

Why it was flagged

The skill requires a Telegram bot token and target chat/channel ID so it can send the daily report.

Skill content
TELEGRAM_BOT_TOKEN=    # Required: Telegram Bot Token
TELEGRAM_CHAT_ID=      # Required: target group/channel ID
Recommendation

Use a dedicated Telegram bot with the minimum needed permissions, keep the token private, and verify the chat ID before scheduling automatic sends.

What this means

If the cron task is configured, reports may be generated and sent without a fresh prompt each day.

Why it was flagged

The skill is designed to run automatically on a daily schedule and send a Telegram report, which is disclosed and aligned with the skill purpose.

Skill content
Automatically collects nonferrous metal market data every day at 14:00 CST (after the morning session closes), generates a six-section professional investment research report, and pushes it to Telegram.
Recommendation

Only enable the cron task if daily automatic delivery is desired; use DRY_RUN for testing and remove the scheduled task when no longer needed.

What this means

Stored market signals can influence later reports; stale or corrupted local memory could affect analysis quality.

Why it was flagged

The report generator persists daily report state and market signal history for future use.

Skill content
const REPORT_CACHE_PATH = join(PROJECT_ROOT, 'memory', 'daily-report-state.json');
const SIGNAL_HISTORY_PATH = join(PROJECT_ROOT, 'memory', 'signal-history.jsonl');
Recommendation

Periodically review or clear the project memory files, and avoid placing unrelated sensitive notes in the skill's memory directory.

What this means

If the remote repository changes, users who follow the quick start may run code different from the reviewed package.

Why it was flagged

The quick start directs users to clone a remote GitHub repository rather than pinning a reviewed commit.

Skill content
git clone https://github.com/RAMBOXIE/metal-price.git
Recommendation

Prefer the reviewed packaged files or pin and review a specific Git commit before running the scripts.