Back to skill
Skillv1.0.0
ClawScan security
Skills of A-share holder data released by ft.tech. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 4:25 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and network usage are consistent with its stated purpose (querying A‑share shareholder data from market.ft.tech) and it does not request unrelated credentials or elevated persistence.
- Guidance
- This skill appears coherent: it simply calls documented GET endpoints on https://market.ft.tech and returns JSON. Before installing, confirm you trust the market.ft.tech domain (it will receive queries containing stock codes), and be aware the skill requires outbound network access. If you need higher assurance, verify the domain ownership and check responses for any unexpected data; run the code in a sandbox or review network logs if you have strict data‑exfiltration policies.
Review Dimensions
- Purpose & Capability
- okName/description match the implemented functionality: each sub-skill issues GET requests to https://market.ft.tech endpoints that correspond to the documented interfaces. No unrelated services, binaries, or credentials are requested.
- Instruction Scope
- okRuntime instructions and SKILL.md restrict behavior to selecting a sub-skill and calling run.py which runs the corresponding handler. Handlers only perform HTTP GETs to market.ft.tech and print JSON. They do not read other system files, environment variables, or transmit data to unexpected endpoints.
- Install Mechanism
- okThere is no install spec; this is an instruction-and-scripts bundle. Code is local and executed directly; nothing is downloaded from external URLs during install.
- Credentials
- okNo environment variables, secrets, or config paths are required. Network access to market.ft.tech is the only external resource used, which is appropriate for a data-fetching skill.
- Persistence & Privilege
- okThe skill is not marked always:true and does not attempt to modify agent/system configuration or other skills. It runs on demand via subprocess and has no permanent presence or elevated privileges.