Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

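🔥 DeepStock - A-share quantitative investment research assistant | Free K-line data · Technical indicators · Shareholder counts · Official announcement parsing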

v1.0.1

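A-share quantitative investment research assistant | Free K-line data · technical indicators · shareholder counts · official announcement parsing.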

by Jianfeng Chen (@vcvycy)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes stock data, indicators, holder counts and announcement PDF handling — so the declared purpose matches the endpoints. However the API host is a raw IP (http://60.205.179.76:8000) rather than a named/trusted domain and the skill promises automatic downloading of PDFs to a local path, which is a capability that has additional implications not reflected in the metadata.
! Instruction Scope
Instructions tell the agent to call remote HTTP endpoints and to download announcement PDFs to a local directory. The doc refers to a $STOCK_HOME/run/ann_downloads/ default but the skill declares no required env var for $STOCK_HOME. Downloading remote files and writing them locally is outside the simple 'query API' model and can expose the agent environment or filesystem to untrusted content.
Install Mechanism
No install spec or code files (instruction-only), which minimizes file-write risk. However the runtime behavior requires network communication with an unknown host at a raw IP over plain HTTP (no TLS), increasing risk of eavesdropping or MITM; this should be considered an operational risk even though nothing is installed.
! Credentials
Declared requirements list no env vars, yet SKILL.md references $STOCK_HOME as the default PDF save location. This mismatch is an undeclared environment dependency and may cause the skill to write files to unexpected locations. No credentials are requested, which aligns with the stated purpose, but the lack of TLS and undeclared local path are notable.
Persistence & Privilege
The skill is not always-enabled and has no install actions or system-wide configuration changes. It does not request persistent privileges in the metadata.
What to consider before installing
This skill appears to be a stock-data/announcement helper, but exercise caution before enabling it:
1) The API is at an unknown raw IP over plain HTTP (no TLS); network traffic is unencrypted and the host identity is unclear.
2) The skill will download announcement PDFs to your filesystem and references $STOCK_HOME even though that env var is not declared; set $STOCK_HOME to a dedicated sandbox directory if you proceed.
3) Remote PDFs can contain malicious content or lead to unexpected file writes; run the skill in a network- and filesystem-restricted sandbox and inspect downloads before opening.
4) Prefer a version hosted on a named, verifiable domain or request the publisher/source code and HTTPS support.
5) Avoid enabling autonomous invocation until you trust the endpoint; ask the publisher for provenance, TLS, and details about what the /api/ann/recent endpoint returns (URLs vs server-side paths) and how downloading is performed.


latestvk97739w3f5vkn8s8f25fwnf8dd849d7a
