Skill v1.0.0
ClawScan security
Fund Report Extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 3:34 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (download public fund PDFs and extract a specific section); it requests no credentials and has no surprising installs or network endpoints beyond the public report host.
- Guidance
- This skill appears to do what it says: download public fund PDFs and extract the 'investment strategy and operations analysis' sections. Before running, consider:
  1. The package source/homepage is unknown — review the extract.py source (you have it) and ensure it matches your expectations.
  2. Run in an isolated environment (virtualenv or container) to limit side effects.
  3. Dependencies (akshare, pymupdf, pdfplumber, requests, pandas) will be installed from PyPI; pin versions if you care about supply-chain risk.
  4. The script downloads PDFs from pdf.dfcfw.com and writes files to the current directory; ensure you are comfortable with network access and disk writes.
  5. There are no credentials requested and no obvious exfiltration, but if you plan to run this inside sensitive environments, validate akshare's network behavior and avoid exposing secrets.
  If you want higher assurance, run it on a small test fund code and inspect the downloaded PDFs and outputs first.
Review Dimensions
- Purpose & Capability
- ok: Name/description (extract fund report 'investment strategy' sections) align with the code and SKILL.md. Required libraries (akshare, pdf parsers, requests) are appropriate for scraping and parsing PDFs; no unrelated credentials or binaries are requested.
- Instruction Scope
- ok: SKILL.md and extract.py confine actions to: fetching announcement lists via akshare, constructing PDF URLs on pdf.dfcfw.com, downloading PDFs, extracting text with pdfplumber or PyMuPDF, and writing text files locally. There are no instructions to read unrelated files, access other credentials, or exfiltrate data to unexpected endpoints.
- Install Mechanism
- ok: There is no install spec (instruction-only + a single Python script). Dependencies are standard Python packages from PyPI; no remote archives or obscure installers are downloaded by the skill itself.
- Credentials
- ok: No environment variables, secrets, or config paths are requested. The skill only needs network access for public data and permission to write files in the working directory — both are reasonable for this task.
- Persistence & Privilege
- ok: The skill does not request permanent/always-on inclusion and does not modify other skills or system-wide settings. It simply writes output files to its working directory.
