Futu Client

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: futu-client
Version: 1.0.1

The skill is a legitimate wrapper for the Futu OpenAPI (futu-api), providing a simplified interface for stock trading, account queries, and market data retrieval. It communicates exclusively with a local FutuOpenD gateway on 127.0.0.1:11111 and contains no evidence of malicious behavior, data exfiltration, or prompt injection. All methods in client.py align with the documented purpose of interfacing with the Futu trading platform.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked after trading is unlocked, the agent could submit real buy or sell orders that may cause financial loss.

Why it was flagged

The skill exposes an order-placement method that defaults to the real trading environment, and the visible code does not require an explicit confirmation step before submitting the order.

Skill content

def place_order(..., trd_env: TrdEnv = TrdEnv.REAL) ... ctx.place_order(..., trd_env=trd_env)

Recommendation

Default all trading methods to SIMULATE, require explicit user confirmation with an order summary before any REAL order, and consider separating read-only account queries from trading actions.

What this means

Providing the trading password could enable the agent to operate the user's real brokerage account through FutuOpenD.

Why it was flagged

The skill accepts a trading password and uses it to unlock real trading by default, granting account-level authority over financial transactions.

Skill content

def unlock_trade(self, password: str, trd_env: TrdEnv = TrdEnv.REAL) -> bool: ... ctx.unlock_trade(password=password, trd_env=trd_env)

Recommendation

Declare this credential requirement clearly, handle the password only through a secure prompt or credential mechanism, avoid logging or storing it, and require per-trade user approval.

What this means

Different or future package versions could change behavior, including behavior that affects trading operations.

Why it was flagged

The skill relies on external, unpinned Python packages and has no install spec; this is purpose-aligned but leaves dependency provenance and versioning less controlled.

Skill content

Install dependencies: `pip install futu-api` ... `pip install futu-api pandas`

Recommendation

Pin dependency versions in an install spec or requirements file and install from trusted package sources.