Stock Analysis 6
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: stock-analysis-6
Version: 1.0.0
The skill is classified as suspicious due to critical vulnerabilities. The `scripts/watchlist.py` file contains a shell injection vulnerability: user-controlled `ticker` input from the watchlist is passed unsanitized to `subprocess.run` when checking alerts, allowing arbitrary command execution. Additionally, `scripts/hot_scanner.py` and `scripts/rumor_scanner.py` execute an external `bird` CLI via `subprocess.run` and pass sensitive Twitter authentication tokens (`AUTH_TOKEN`, `CT0`) as environment variables, posing supply chain and data exfiltration risks if the `bird` binary is compromised.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If misused or mishandled, these tokens or browser-session permissions could give access to the user’s X account or other local browser data.
The optional Twitter/X integration asks users to expose account session cookies and may require broad local browser-cookie access. That is high-impact credential/session handling for a finance scanner.
Grant Terminal "Full Disk Access" in System Settings ... Copy `auth_token` and `ct0` values ... AUTH_TOKEN=your_auth_token_here CT0=your_ct0_token_here
Use `--no-social` unless you specifically need X data. Prefer an official, least-privileged OAuth/API flow; do not grant Full Disk Access or copy session cookies unless you fully trust the helper tool and understand the account risk.
Installing a global helper tool can add code outside the reviewed skill package, especially important because this helper is used with X session credentials.
Twitter/X support depends on an optional globally installed third-party CLI that is not part of the declared required install set. This is documented and purpose-aligned, but users should review the dependency before installing it.
Install bird CLI: `npm install -g @steipete/bird`
Verify the bird CLI source and installation method, avoid global installs if possible, and keep the social-media feature disabled unless needed.
If enabled, the scanner can continue running on a schedule, making network requests and generating reports until the user removes the cron job.
The docs show how to configure a scheduled agent turn for recurring hot-scanner reports. This is disclosed and user-configured, but it is persistent automation.
schedule:
 kind: cron
 expr: "0 8 * * *" ... message: "Run hot scanner and summarize results"
Only enable cron automation if you want recurring scans, and document where the job is configured so it can be disabled later.
Anyone with access to those local files may be able to see the user’s tracked investments or watchlist.
The skill persists portfolio and watchlist data locally. This is expected for portfolio tracking, but the data may include sensitive holdings, quantities, cost basis, and alert thresholds.
Portfolios | `~/.clawdbot/skills/stock-analysis/portfolios.json` ... Watchlist | `~/.clawdbot/skills/stock-analysis/watchlist.json`
Use this only on a trusted device, review file permissions, and avoid storing sensitive portfolio details if the machine is shared.
