Skill v1.2.0
ClawScan security
Portfolio Daily Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 10, 2026, 1:52 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (portfolio tracking, snapshots, reports, push notifications) aligns with its code and instructions, but setup clones and runs external engine scripts from a GitHub repository and installs unpinned Python dependencies. That is a supply-chain and code-execution risk the user should understand before running setup.
- Guidance: This skill appears to implement what it claims, but before running setup.sh or otherwise installing it you should:
  1. Inspect the GitHub repository it clones (https://github.com/Stepuuu/portfolio-daily-tracker.git) and pin to a specific commit rather than cloning HEAD; a full commit SHA is immutable, whereas a branch or tag can be moved after you review it.
  2. Review the repo's scripts (portfolio_daily_update, portfolio_manager, the snapshot and report scripts) to confirm there is no unexpected network exfiltration or destructive file behavior.
  3. Review dashboard/requirements.txt and avoid installing untrusted or unpinned packages without vetting them.
  4. Run setup in a restricted environment (non-root account, isolated VM or container) if you want to test it.
  5. Only provide FEISHU/TELEGRAM tokens and an OPENAI key if you trust the code that will transmit notifications and chat requests.
  6. Back up any existing portfolio data before letting the skill modify files.
  These precautions reduce supply-chain and execution risk. If you want, I can list the files in the upstream GitHub repo or help identify which dependencies to audit and pin.
Review Dimensions
- Purpose & Capability (ok): Name and description match what the included scripts and tools do: reading and writing portfolio files, generating snapshots and reports, updating holdings, and optionally pushing notifications. The declared optional env vars (OPENAI_API_KEY, FEISHU_WEBHOOK, TELEGRAM_BOT_TOKEN, PORTFOLIO_DIR) are coherent with the described features.
- Instruction Scope (note): Runtime instructions and tools operate on local portfolio files under engine/portfolio (read/write snapshots, holdings, history.csv) and run engine scripts (portfolio_manager.py, portfolio_snapshot.py, portfolio_report.py, portfolio_daily_update.py). This scope is expected, but the skill instructs the user to run scripts/setup.sh, which clones an external repo and expects engine scripts that are not bundled here; the agent's runtime behavior therefore depends on code downloaded at setup time.
- Install Mechanism (concern): There is no formal install spec in the registry, but the bundled scripts/setup.sh will git clone https://github.com/Stepuuu/portfolio-daily-tracker.git into a target directory and then attempt pip3 install -r dashboard/requirements.txt from that repo. Cloning an external GitHub repository at HEAD and running pip install from files inside it is a supply-chain risk: both the code and its dependencies are unpinned and come from a third-party repo not reviewed here.
- Credentials (ok): No required credentials are enforced by the registry. The optional environment variables listed in SKILL.md are proportionate to the features: OPENAI_API_KEY for chat features, FEISHU_WEBHOOK/TELEGRAM_BOT_TOKEN for push notifications, and PORTFOLIO_DIR to override data paths. There are no unrelated credential requests.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or global agent settings. Its actions are limited to local files under the project's engine/portfolio directory and running engine scripts; persistent presence or elevated privileges are not requested.
