v0.1.1

Fund Advisor

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:16 AM.

Analysis

The skill is mostly aligned with fund portfolio management, but it should be reviewed because it stores sensitive financial holdings and credentials and includes local database delete/overwrite paths without clear confirmation or rollback.

Guidance: Before installing, decide whether you are comfortable storing personal fund holdings locally and configuring a qieman API key. Back up the database before imports, be cautious with reset or overwrite operations, and protect the mcporter configuration and local data directory.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
tools/src/cli.py
@cli.command()
...
def reset(ctx):
    """Clear all holding records"""
    ...
    count = database.clear_all_holdings()

The CLI exposes a reset command that deletes all locally stored portfolio holdings, and the shown handler does not require an explicit confirmation or create a backup.

User impact: An accidental or over-eager agent invocation could erase the user's local portfolio records.
Recommendation: Require an explicit user confirmation before reset, document the command clearly, and create a backup or recovery path before deleting holdings.
Cascading Failures
Severity: Medium | Confidence: High | Status: Concern
tools/src/csv_importer.py
# Clear all holding records
self.database.clear_all_holdings()

for row in normalized_reader:

CSV import clears the existing holdings table before importing rows. If the new file is malformed or only partially imports, the prior database contents can already be gone.

User impact: A bad import file could replace a complete local portfolio with an empty or partial one.
Recommendation: Import into a temporary table first, validate the full file, then swap atomically; also prompt the user and keep a backup before overwriting existing holdings.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/fund-cli.sh
python3 -m venv "$VENV_DIR" ... "$VENV_DIR/bin/pip" install -e "$TOOLS_DIR" -q

The wrapper script bootstraps a Python virtual environment and installs the bundled tool package when invoked. This supports the stated CLI workflow, but it is an install action users should be aware of before running the script.

User impact: First use can modify the skill directory by creating a virtual environment and resolving Python dependencies.
Recommendation: Review the bundled Python package and dependencies before first use, and run it from a trusted local environment.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Set the `QIEMAN_API_KEY` environment variable ... the initialization script will: ... automatically generate the `~/.mcporter/mcporter.json` configuration file

The skill uses a qieman API key and persists MCP configuration in the user's mcporter profile. This is expected for the service integration, but it is credential-bearing local configuration.

User impact: Anyone who can read the mcporter configuration may be able to see or use the qieman service credential.
Recommendation: Treat the mcporter config as sensitive, avoid sharing it, and rotate the QIEMAN_API_KEY if it may have been exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
tools/src/database.py
fund_account TEXT NOT NULL, ... trade_account TEXT NOT NULL, ... asset_value REAL NOT NULL

The local SQLite database stores account identifiers and asset values from imported fund holdings. This is central to the skill, but the data is sensitive and persistent.

User impact: Local access to the database can reveal personal financial holdings and account-related details.
Recommendation: Store the database in a protected directory, limit filesystem access, and delete or back up the database intentionally when no longer needed.