Stock Strategy Backtester

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI05: Unexpected Code Execution

What this means

The agent may execute the bundled script and read the CSV file path provided for analysis.

Why it was flagged

The skill directs the user or agent to run a bundled local Python script against a selected CSV file. This is expected for a backtesting tool, but it is still local code execution.

Skill content

python scripts/backtest_strategy.py \
  --csv /path/to/prices.csv

Recommendation

Use it only with OHLCV CSV files you intend to analyze, and review the bundled script if you do not trust the package source.

NoteHigh Confidence

ASI04: Agentic Supply Chain Vulnerabilities

What this means

Users have less publisher/provenance context than they would for a package with a verified repository or homepage.

Why it was flagged

The registry metadata does not provide an external source or homepage for independent provenance checking.

Skill content

Source: unknown
Homepage: none

Recommendation

Install only if you trust the registry entry and are comfortable with the bundled files.