Skill v1.0.0
ClawScan security
trading-log · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Mar 30, 2026, 11:16 PM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (a local trading log) is plausible and its network access (Tencent price API) matches that purpose, but there are several mismatches and surprising choices (hardcoded /home/jocob paths, filename mismatches, and vague cron instructions) that make the package internally inconsistent and worth manual review before installing.
- Guidance: This skill appears to implement a local trading log and fetches realtime prices from Tencent (qt.gtimg.cn), which matches its description, but there are inconsistencies you should resolve before using it. Specifically: (1) the documentation and manifest reference different filenames than the shipped script, and the script uses a hardcoded path (/home/jocob/Desktop/...) rather than the ~/Desktop path described; confirm and correct the file locations so it reads/writes where you expect. (2) The skill will create persistent JSON files containing your trades; if you care about privacy or retention, inspect the save/load functions and change paths or add deletion/backup policies. (3) It makes outbound HTTP requests only to a known public price API (qt.gtimg.cn); if you require stricter network controls, run it in a sandboxed environment or block network access. (4) Because SKILL.md mentions automatic Cron triggers but provides no installer for scheduling, verify how your agent will schedule runs before enabling autonomous invocation. If you want to proceed, run the script locally in a controlled folder (not someone else's /home), review the code yourself (or have a developer do so), and fix the path/filename inconsistencies.
Review Dimensions
- Purpose & Capability (note): The skill claims to record trades, compute P/L, and fetch realtime prices; the included Python script and SKILL.md implement that functionality. However, the SKILL.md and file manifest reference filenames like '交易日志.py' and files expected on ~/Desktop, while the actual code lives at scripts/trading_log.py and uses hardcoded paths under /home/jocob/Desktop. This discrepancy is unexpected and suggests the package was not assembled consistently.
- Instruction Scope (concern): SKILL.md instructs the agent to run commands from ~/Desktop and refers to a main-Agent Cron that will trigger daily updates, but the shipped script reads/writes a hardcoded LOG_FILE at /home/jocob/Desktop/交易日志_持仓记录.json, and the code path differs from the documented file names. The instructions also assert '记录永久保存,不可删除' (records are saved permanently and must not be deleted) without any mechanism to enforce or manage retention. These mismatches create a risk that the agent will read/write unexpected filesystem locations or fail silently.
- Install Mechanism (ok): There is no install spec (instruction-only plus an included script). That minimizes supply-chain risk: nothing is downloaded at install time and no external packages are automatically pulled.
- Credentials (note): The skill requests no environment variables or credentials, which is appropriate for a local trading log. However, it does access the user's filesystem (hardcoded /home/jocob Desktop paths). While not a secret-exfiltration pattern, hardcoded user paths are brittle and could unintentionally access another user's files on multi-user systems or fail to store data where the user expects.
- Persistence & Privilege (note): The skill is not marked always:true and does not request elevated privileges, but it writes persistent JSON trade logs and claims they are permanent. It also references being triggered by a '主Agent的Cron系统' (the main Agent's Cron system) without providing installation or scheduling steps; if the agent is allowed to schedule recurring tasks, this will create long-lived data on disk. Autonomous invocation is allowed by default; weigh that together with the persistent storage if you need to limit continuous background activity.
