Skill v1.0.0

ClawScan security

Stock Daily Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 15, 2026, 4:27 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill appears to implement the advertised stock analysis features, but there are several inconsistencies in the packaging and run/install instructions, and a few behaviors (running external scripts, cloning a repository) that merit caution before installation.
Guidance
This package mostly implements the advertised stock analysis features, but you should not install it blindly. Before installing or running:
1) Inspect setup.sh and run.sh. They clone an external GitHub repository and expect a different project layout (.env and main.py), which may overwrite files or pull in extra code.
2) Confirm which configuration method you will use (SKILL.md/config.example.json expects config.json, while run.sh expects .env) and ensure API keys are stored securely (prefer environment-managed secrets over plaintext files).
3) If you enable market-data integration, point market_data_skill_path only at a trusted installation: market_data_bridge spawns a Python script from that path via subprocess.run, which executes whatever code is in that directory.
4) Run the skill in an isolated environment (container, VM, or sandbox) the first time, and review its network activity and the packages installed from requirements.txt before trusting its output for investment decisions.
If you want higher assurance, ask the author/maintainer for a release that fixes the packaging/run inconsistencies (remove or clarify run.sh/setup.sh, or include the expected main.py and a .env.example) and provides a clear install path.

Review Dimensions

Purpose & Capability
note: Name/description (daily stock analysis) match the included Python modules (data_fetcher, trend_analyzer, ai_analyzer, notifier). The AI modules call Gemini/OpenAI as described and data fetching uses akshare; these are proportionate to the stated purpose. Minor oddity: the setup/run shell scripts reference a separate project directory (daily_stock_analysis) and a .env file, neither of which is described in SKILL.md or config.example.json, suggesting packaging/structure inconsistencies.
Instruction Scope
concern: SKILL.md describes using config.json and Python API functions (scripts/analyzer.py). However, run.sh and setup.sh expect a different layout: they look for PROJECT_DIR = scripts/daily_stock_analysis, require .env and main.py, and instruct cloning an external repository. This is inconsistent with the SKILL.md instructions and with the included file manifest (no main.py; config.json vs .env mismatch). In addition, market_data_bridge invokes external scripts (subprocess.run calling another skill's Python script), which executes code from a user-specified path. This is expected for integration but increases the execution surface and should be used only with trusted skill installations.
Install Mechanism
note: There is no formal install spec in the registry (instruction-only), but the included setup.sh will clone https://github.com/ZhuLinsen/daily_stock_analysis.git and pip-install its requirements. Cloning a remote repository at install time is a non-trivial action (GitHub is a known host, but the repository's contents may change). No downloads from URL shorteners or unknown IPs were detected. The skill will install the Python packages listed in requirements.txt if setup.sh is used.
Credentials
note: The skill does not declare required environment variables in its metadata. It expects an API key inside config.json (ai.api_key) rather than as platform-managed environment variables. AIAnalyzer also honors the HTTPS_PROXY environment variable for proxying. The requested credential (an AI API key) is proportionate to the function. Storing API keys in config.json is convenient but increases risk if that file is not properly protected or is accidentally committed.
Persistence & Privilege
ok: The skill does not request always:true and does not modify other skills' configs. It can run code and subprocesses when invoked (normal for a skill with helper scripts), but there is no evidence that it attempts to persist itself into the agent runtime or to escalate privileges.