Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A Share Dashboard
v1.0.0
A-share smart dashboard: fundamentals-leaning stock screening, hot-topic tagging and position monitoring. A stock analysis tool delivered as a web dashboard.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description (A股看板) match the UI and analysis code in app.py. However, the app relies on an external snapshot script at an absolute path (/home/c1/.openclaw/workspace/skills/a-share-stock-dossier/scripts/a_share_snapshot.py) that is not declared in SKILL.md, not included in the file manifest, and not documented as a dependency. Executing another skill's script is not obviously required by a dashboard and is an undeclared cross-skill dependency.
Instruction Scope
SKILL.md instructs only to run streamlit run app.py and lists data sources (东方财富 API, AKShare). It does not mention that app.py will run an external script via subprocess (fetch_via_script calling the SNAPSHOT_SCRIPT). That external script may perform network I/O or access local files—behavior not visible or declared in the SKILL.md. The instructions therefore omit a material runtime action (executing code at a hard-coded absolute path).
Install Mechanism
No install spec (instruction-only), which is low risk. However, the repository includes a venv/pyvenv.cfg file—an included virtualenv config with absolute home path—which is unnecessary for an instruction-only skill and suggests the package was packaged from a local environment. This is odd but not inherently malicious.
Credentials
The skill declares no required environment variables or credentials, which matches the SKILL.md. There are no obvious requests for unrelated credentials. That said, because the skill executes an external script, that script might require or access secrets (not declared here), so lack of declared env vars does not guarantee no secret access at runtime.
Persistence & Privilege
always is false and the skill does not claim to modify other skills or system-wide configs. The meaningful privilege concern is runtime: app.py executes another script from the workspace which can run arbitrary code with the agent user's privileges. That cross-script execution increases blast radius if the referenced script is untrusted.
What to consider before installing
This skill appears to implement a legitimate stock dashboard, but it calls an undeclared, hard-coded script at /home/c1/.openclaw/workspace/skills/a-share-stock-dossier/scripts/a_share_snapshot.py when fetching data. Before installing or running:
1) Ask the publisher to document dependencies and provide the a_share_snapshot.py source (or include its logic) — do not run the dashboard until you can inspect that script.
2) If you plan to run it, do so in a sandboxed environment (isolated user account or container) because the external script will run with the agent's permissions and may access network or local files.
3) Remove or replace hard-coded absolute paths with configurable/declarative dependencies, or ensure the referenced skill is trusted.
4) The included venv file is unnecessary — verify the package wasn't copied from a personal environment.
If the maintainer cannot justify or reveal the external script, treat this as risky and avoid running it.
