Skill v4.0.1
ClawScan security
IHSG Session Summary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 9, 2026, 3:09 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement an IHSG session summary using Yahoo Finance and the Tavily API (which is coherent), but there are inconsistencies in the published metadata (it does not declare the required Tavily API key or dependency installation), so the package's manifest and runtime instructions do not fully align.
- Guidance: This skill's functionality (IHSG summaries) matches its code and instructions, but the published metadata is inconsistent: SKILL.md and the script require a TAVILY_API_KEY and Python dependencies (tavily-python, requests, beautifulsoup4), while the registry metadata lists no env vars and provides no install instructions. Before installing/running: (1) ensure you have a Tavily API key and understand its scope (it can fetch/extract arbitrary web content); (2) install dependencies (pip install -r scripts/requirements.txt) in a controlled environment/sandbox; (3) inspect scripts/ihsg_session_extractor.py yourself to verify there are no calls to unexpected external endpoints beyond Yahoo Finance and Tavily; (4) consider restricting the API key and monitoring its usage, and ask the publisher to correct the registry metadata or provide an explicit install spec for clarity.
Review Dimensions
- Purpose & Capability [note]: The name/description (IHSG market summaries) matches the code and SKILL.md: the script fetches IHSG data from Yahoo Finance and uses Tavily for web search/extract to get top net buy/sell and foreign flow. This capability legitimately needs a Tavily API key and HTTP access to finance/news endpoints. However, the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while SKILL.md and the code require TAVILY_API_KEY, which is an incoherence in the manifest.
- Instruction Scope [ok]: Runtime instructions are scoped to fetching market data and using Tavily for search/extract, running the included Python script, and producing a textual summary in Bahasa Indonesia. The instructions do not ask the agent to read unrelated local files or export system credentials. Note: Tavily extract can return raw page content, so the agent will process arbitrary third-party web content (expected for this purpose).
- Install Mechanism [note]: There is no install spec (instruction-only), but the package includes a requirements.txt listing tavily-python and standard scraping libs. This is not inherently malicious but is inconsistent: without an install step, the environment may lack required packages, and the SKILL.md prints a warning if tavily-python is missing. No downloads from suspicious URLs or extract steps are present.
- Credentials [concern]: The code and SKILL.md require a single API credential (TAVILY_API_KEY), which is proportionate to the stated purpose. However, the registry metadata failing to declare this required env var is a meaningful mismatch that could mislead users into installing without providing a required credential. Also verify the Tavily API key's scope/permissions before use, because it enables arbitrary web search/extraction through the third-party service.
- Persistence & Privilege [ok]: The skill does not request persistent/system-wide privileges, does not set always:true, and does not reference or modify other skill configurations or sensitive system paths. It runs as a normal invocable skill.
