Equity Analyst
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is mostly coherent for Korean stock analysis, but users should notice its optional scripts use web scraping, local command execution, hardcoded local paths, and mention LINE report delivery.
This skill appears aligned with its stated stock-analysis purpose. Before running its helper scripts, check the hardcoded Python/workspace paths, install any needed Python packages yourself, use a clean browser profile, and confirm whether any LINE or scheduled report delivery is enabled.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could place too much weight on the model's stock verdicts if they treat them as professional financial advice.
The skill clearly discloses that it produces investment-style verdicts, but the wording mixes BUY/AVOID labels with a disclaimer not to give investment advice.
Return EXACTLY this structure... 5. Verdict: [BUY|BUY_LEAN|HOLD|AVOID] ... Do NOT give investment advice.
Use the outputs as analysis support only, verify data independently, and consider adding stronger wording that the skill does not provide personalized financial advice.
The scripts may not run reliably on another user's machine, and the package metadata does not fully describe its runtime expectations.
The registry reports version 1.0.7 and no required binaries, while skill.yaml reports version 1.0.4 and a hardcoded local Python path.
version: 1.0.4 bins: - "C:/Users/IM/AppData/Local/Programs/Python/Python310/python.exe"
Before running scripts, confirm the intended version, Python path, and dependencies such as requests and beautifulsoup4.
If a user chooses to run the helper script, it will execute local commands rather than only providing prompt instructions.
A helper script invokes shell commands to drive the OpenClaw browser. This is purpose-aligned for scraping Naver Finance, but it is broader than a pure instruction-only skill.
result = subprocess.run(
cmd,
shell=True,
capture_output=True,Run helper scripts only after reviewing them, and prefer safer argument-based subprocess calls over shell=True where possible.
If the browser profile contains logged-in sessions, requests to websites may use that profile state.
The script uses a named OpenClaw browser profile when opening Naver Finance pages. The artifacts do not show credential extraction or account mutation, but browser profile use can involve local session state.
cmd = f'openclaw browser --browser-profile openclaw open "{url}"'Use a dedicated, non-sensitive browser profile for scraping public finance pages.
A generated report could be delivered to an external messaging service if that script path is completed or configured.
The script documentation mentions sending reports to LINE, which is an external messaging data flow not described in the main skill metadata. The provided visible code does not show credentials or an endpoint.
Generates report and sends to LINE
Confirm any LINE delivery behavior, recipient, and credentials before enabling report sending.
If a user separately schedules it, the skill could run recurring stock analysis without fresh manual review each time.
The artifact does not install a cron job or background worker, but a script comment indicates the report may be used with scheduled automation.
# Also write to file for cron delivery
Only schedule recurring reports intentionally, and review what data sources and delivery destinations are used.