智能投资简报生成器 (Intelligent Investment Briefing Generator)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its investment-report purpose, but it builds a shell command from user-provided stock inputs and runs an undeclared helper script, creating a local code-execution/provenance risk.

Review before installing. Only use trusted stock/name inputs, verify the referenced tavily-search helper under ~/.openclaw is legitimate, and prefer a fixed version that avoids shell execution. Use a limited Tavily API key and remember the generated investment content should be checked independently.

Static analysis

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or malformed stock name/code could cause unintended local commands to run with the user's permissions.

Why it was flagged

The query is built from command-line stock/name inputs and then interpolated into a shell command string executed by execSync. Inputs containing shell metacharacters or quotes could change the command that runs.

Skill content
options.stock = args[++i]; ... options.name = args[++i]; ... const cmd = `node "${tavilySearchScript}" "${query}" -n ${maxResults} ...`; ... execSync(cmd, {

Recommendation

Replace execSync string execution with execFile/spawn using an argument array, or call the Tavily API directly; validate stock codes/names and do not pass untrusted text through a shell.

What this means

If that external helper is missing, replaced, or incompatible, the skill may fail or run unreviewed code while using the user's environment and API key.

Why it was flagged

The skill executes a helper script from a separate local skill path that is not included in this package's manifest or declared installation requirements, leaving the executed code's provenance and version outside this review.

Skill content
const tavilySearchScript = path.join(process.env.HOME, '.openclaw', 'skills', 'tavily-search', 'scripts', 'search.mjs');

Recommendation

Bundle or pin the required helper, declare it as a dependency, and verify the exact file before execution; preferably avoid shelling out to another skill.

What this means

The Tavily key is needed for the stated functionality, but any invoked helper process can access it.

Why it was flagged

The skill uses a Tavily API key, which is expected for Tavily search, and passes it to the child process used for searching.

Skill content
const TAVILY_API_KEY = process.env.TAVILY_API_KEY; ... env: { ...process.env, TAVILY_API_KEY }

Recommendation

Use a Tavily key with appropriate limits/quotas and only run this skill with a trusted, verified Tavily helper implementation.