Skill v0.3.2
ClawScan security
Qlib Ai Quant · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 23, 2026, 2:07 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill claims to be a qlib-based quant platform but its runtime instructions mix qlib and ZVT workflows, reference undocumented environment variables and pip installs, and require filesystem writes — the pieces don't fully align and you should review before installing or running.
- Guidance
- This skill's files claim a qlib-based platform but the runtime instructions heavily reference ZVT, expect Python package installs, and touch a local ZVT home directory — none of which are declared in the registry. Before installing or running: (1) Inspect SKILL.md and seed.yaml yourself and confirm you are comfortable with any pip installs; (2) run it inside an isolated virtual environment or sandbox and set ZVT_HOME to a dedicated directory to avoid contaminating your real ~/.zvt; (3) do NOT provide any API keys or credentials until you confirm which provider is actually used and why; (4) if you want to proceed, request the author/source (homepage is missing) or ask for an explicit install manifest and a minimal example showing only qlib usage — the current package is internally inconsistent and should be treated with caution.
Review Dimensions
- Purpose & Capability
- concern: Name/description claim a qlib-based AI quant platform, but the runtime files and seed.yaml include many ZVT-specific preconditions (python checks for zvt, ZVT_HOME directory, zvt.recorders commands) and references to multiple ecosystems. The required/env/installer metadata declares no env vars or installs, yet the instructions imply installing and using ZVT and other providers; this is disproportionate to a standalone 'qlib' helper and indicates incoherence between claimed purpose and required components.
- Instruction Scope
- concern: SKILL.md/seed.yaml direct the agent to run runtime checks and commands (e.g., python3 -c 'import zvt...', pip install zvt if missing, create/check ZVT_HOME and touch files) and to reload seed.yaml before any behavioral decision. The skill's prose references reading/writing ~/.zvt and running recorders; it also directs the agent to consult many large reference files. These instructions access filesystem paths and environment variables (ZVT_HOME) that were not declared in requires.env and go beyond a simple 'write code for qlib' helper.
- Install Mechanism
- note: There is no declared install spec in registry metadata (instruction-only). However, seed.yaml/execution_protocol and SKILL.md imply installing packages (pip install zvt) and running host_adapter.install_recipes[]. The absence of an explicit install recipe in the registry while the instructions expect package installation is a mismatch and increases operational risk if the agent or user follows those steps automatically.
- Credentials
- concern: Declared requirements list no environment variables or credentials, but the runtime instructions reference ZVT_HOME and require creating/writing to it. The skill also asks users to choose data providers (eastmoney, joinquant, qmt, etc.), some of which require API keys/accounts; those credentials are not declared. This mismatch means the skill expects access to filesystem locations and possibly external service credentials that were not declared up-front.
- Persistence & Privilege
- note: always:false (normal). The skill does instruct creating/checking a local data directory (~/.zvt) and suggests running pip install and recorders which will write local artifacts. It does not request to modify other skills or global agent config, but it does expect persistent local data directories and can cause environment changes if followed.
