Skill v1.0.7

ClawScan security

港股日报Agent (Hong Kong stocks daily report agent) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review date: Mar 13, 2026, 1:25 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated purpose (generate a Hong Kong stocks daily momentum report and send it to Feishu) is plausible and most instructions are reasonable, but there are metadata inconsistencies and missing declarations around Feishu credentials/destination that do not add up and warrant caution.
Guidance
This skill mostly does what it says (scrape public Hong Kong stock sites, build a daily momentum report, and post it to Feishu), but there are a few things to check before installing:

- Confirm Feishu delivery details: find out which Feishu webhook, bot, or workspace will be used and what permissions that integration has. The skill manifest does not declare any FEISHU_* env var or webhook; ask the author or platform how Feishu credentials are provided and where messages will be posted.
- Verify provenance: registry metadata (owner, version) does not match _meta.json inside the package. Confirm the true author and examine the referenced GitHub repo (https://github.com/openclaw/stock-daily-report) to ensure it is legitimate and unchanged.
- Review runtime posting behavior: because the skill will run on a cron trigger, ensure the scheduled target (Feishu channel) is correct and that the bot has least-privilege scope (only post permissions). Consider running it in a test workspace first.
- Check data-fetching legality and rate limits: the skill scrapes public sites (Sina, Eastmoney, AAStocks, Futu). Make sure scraping is acceptable under those sites' terms and that the agent will respect rate limits.
- Optional FINNHUB key: providing this is optional and reasonable for supplemental data; do not provide unrelated credentials.

If the author or platform can show a clear Feishu credential mechanism and reconcile the metadata mismatch, the concerns would be reduced. Without that, proceed cautiously (test in a sandboxed environment and verify exactly where reports are posted).

Review Dimensions

Purpose & Capability
Assessment: note
The skill's description and runtime instructions align: it scrapes public finance sites, builds a daily report, and intends to send it to Feishu. However, the manifest declares no Feishu credential or webhook even though the skill lists the 'feishu' integration and the description says reports are sent to Feishu. Also the packaged _meta.json (ownerId/version) doesn't match the registry metadata, which is an inconsistency in provenance.
Instruction Scope
Assessment: ok
SKILL.md limits actions to fetching public market data and composing a report; it does not instruct reading unrelated local files or environment secrets. The included shell script is a harmless stub. The instructions do not specify which Feishu endpoint or channel will receive the report; that operational detail is important but not inherently malicious.
Install Mechanism
Assessment: ok
No install spec; this is an instruction-only skill with a tiny helper script. No downloads or archive extraction are performed. Low install risk.
Credentials
Assessment: concern
Only an optional FINNHUB_API_KEY is declared (for US-market reference data), which is proportionate. But the skill requires the 'feishu' integration at runtime without declaring what credentials or webhook it needs (no FEISHU_TOKEN/WEBHOOK env var listed). That omission makes it unclear which credentials will be used and where messages are posted. The metadata owner/version mismatch also raises provenance questions.
Persistence & Privilege
Assessment: note
always:false (normal). The skill includes a cron trigger so it will run autonomously on scheduled days. Autonomous invocation and scheduling are expected for a daily report but increase the impact if misconfigured (e.g., posting to the wrong external destination).
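The Guidance checks and the Credentials and Persistence & Privilege dimensions above all reduce to three mechanical pre-install questions: does the registry listing agree with the packaged _meta.json, does every runtime integration declare how it authenticates and where it posts, and does the skill run without a user in the loop. The script below is an added example that turns those questions into an offline lint; it is not ClawHub's scanner code and not part of the skill. The manifest layout it reads (`integrations`, `env`, `always`, `triggers`) and the `ownerId`/`version` keys are assumed, and the sample values are constructed, because the page does not reveal the actual mismatching owner or version. The fallback rule for unknown integrations (expect an env var prefixed with the integration's name) goes beyond the single Feishu case in the review.

```python
"""Pre-install lint for a skill package: provenance, credential declarations, autonomy.

Added example, not ClawHub's scanner. The manifest/metadata layout is an
assumption; adapt the key names to the real package format.
"""
from dataclasses import dataclass
from typing import Any

# Assumed: the env-var prefix a declared integration is expected to document.
# Unknown integrations fall back to NAME_ (e.g. "slack" -> "SLACK_").
INTEGRATION_CREDENTIAL_PREFIXES: dict[str, tuple[str, ...]] = {
    "feishu": ("FEISHU_",),
    "finnhub": ("FINNHUB_",),
}


@dataclass(frozen=True)
class Finding:
    severity: str    # "concern" or "note"
    dimension: str   # "provenance", "credentials", "persistence"
    message: str


def lint_skill(registry_meta: dict[str, Any],
               package_meta: dict[str, Any],
               manifest: dict[str, Any]) -> list[Finding]:
    """Return the findings a reviewer should resolve before installing."""
    findings: list[Finding] = []

    # 1. Provenance: the registry listing must agree with the packaged _meta.json.
    for key in ("ownerId", "version"):
        if registry_meta.get(key) != package_meta.get(key):
            findings.append(Finding(
                "concern", "provenance",
                f"{key} mismatch: registry={registry_meta.get(key)!r}, "
                f"package={package_meta.get(key)!r}"))

    # 2. Credentials: every integration used at runtime should declare how it
    #    is authenticated (env var or webhook); otherwise the reviewer cannot
    #    tell which credential is used or where output goes.
    declared_env = set(manifest.get("env", {}))
    for integration in manifest.get("integrations", []):
        prefixes = INTEGRATION_CREDENTIAL_PREFIXES.get(
            integration.lower(), (integration.upper() + "_",))
        if not any(var.startswith(prefixes) for var in declared_env):
            findings.append(Finding(
                "concern", "credentials",
                f"integration {integration!r} is used but no "
                f"{'/'.join(prefixes)}* env var or webhook is declared"))

    # 3. Persistence & privilege: unattended execution widens the blast
    #    radius of a misconfigured destination.
    if manifest.get("always", False):   # assumed semantics: loaded unconditionally
        findings.append(Finding("concern", "persistence",
                                "always:true: skill is loaded in every session, not on demand"))
    for trigger in manifest.get("triggers", []):
        if trigger.get("type") == "cron":
            findings.append(Finding(
                "note", "persistence",
                f"cron trigger {trigger.get('schedule')!r}: runs without a user in "
                "the loop; confirm the posting destination before enabling"))
    return findings


def overall(findings: list[Finding]) -> str:
    """Collapse findings to the scanner's three-level scale."""
    if any(f.severity == "concern" for f in findings):
        return "concern"
    return "note" if findings else "ok"


# Constructed sample modelled on the review above (values are made up).
REGISTRY_META = {"ownerId": "registry-owner", "version": "1.0.7"}
PACKAGE_META = {"ownerId": "someone-else", "version": "1.0.5"}
MANIFEST = {
    "always": False,
    "integrations": ["feishu"],
    "env": {"FINNHUB_API_KEY": {"required": False}},
    "triggers": [{"type": "cron", "schedule": "0 9 * * 1-5"}],
}

# What a reconciled package would look like: metadata agrees and the Feishu
# destination is an explicitly declared webhook variable (hypothetical name).
FIXED_PACKAGE_META = dict(REGISTRY_META)
FIXED_MANIFEST = {**MANIFEST,
                  "env": {**MANIFEST["env"], "FEISHU_WEBHOOK_URL": {"required": True}}}

if __name__ == "__main__":
    for f in lint_skill(REGISTRY_META, PACKAGE_META, MANIFEST):
        print(f"[{f.severity}] {f.dimension}: {f.message}")
    print("overall:", overall(lint_skill(REGISTRY_META, PACKAGE_META, MANIFEST)))
```

Run against the constructed package the lint reports two provenance mismatches, one undeclared Feishu credential and one cron note, so the overall level is "concern"; against the reconciled package only the cron note remains, which is exactly the residual risk the Persistence & Privilege dimension describes.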