Skill v1.6.0

ClawScan security

Private Fund Portfolio Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 25, 2026, 4:46 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill's stated metadata says it requires no credentials, but the runtime instructions embed a MySQL connection (including a concrete IP and password default), and the docs also require MYSQL_* env vars — this mismatch and the embedded default credentials are concerning.
Guidance: Don't install or run this skill as-is. The SKILL.md contains an explicit MySQL connection snippet with a concrete IP and password default — either that is an accidental leak of real credentials or a dangerous placeholder. Before proceeding:
1) Ask the publisher to remove any embedded credentials and to declare required environment variables in the skill metadata.
2) If you must run it, run in an isolated environment (no access to your production networks), and verify the MySQL host is one you control; treat the embedded credential as potentially live and change passwords if that host is yours.
3) Inspect the code and test with synthetic XLS files locally (disable network calls) to confirm behavior.
4) If the skill needs DB access, require explicit, user-provided credentials (no defaults) and document why the DB is needed.
5) Restrict outbound network access or run behind a firewall while reviewing.
These steps will reduce the risk of unintended data exfiltration or accidental use of unknown credentials.

Review Dimensions

Purpose & Capability
Concern: The skill's purpose (parsing XLS portfolio files, enriching with AKShare, optional MySQL lookup) is coherent with the included instructions and prompt template. However, the registry metadata declares no required environment variables or credentials while the SKILL.md and references explicitly expect a MySQL data source and show environment-variable usage — and the SKILL.md even includes a concrete default host (43.138.222.153) and password (w6w%vkXENC82PGZo). This mismatch between declared requirements and actual instructions is inconsistent and unexpected.
Instruction Scope
Concern: The SKILL.md instructs the agent to parse XLS files, call AKShare (network), cache CSVs, and connect to a MySQL database. The MySQL connection snippet includes defaults and a real-looking IP/password; the instructions would cause network access and database queries. The instructions also reference specific workspace paths and output files. These behaviors go beyond pure local parsing (they require external network/database access) and are not reflected in the skill's metadata.
Install Mechanism
OK: There is no install spec — the skill is instruction-only with one prompt-generating script. No downloads or archive extraction are specified, which is the lower-risk installation model.
Credentials
Concern: Although the registry lists no required env vars, the references/docs explicitly require MYSQL_HOST/PORT/USER/PASSWORD/DATABASE and the SKILL.md includes a default MySQL host and password inline. That embedded credential is disproportionate to a simple analysis helper (it binds the skill to a specific external database). The skill also performs network calls (AKShare), which are reasonable for market enrichment, but the undeclared, hardcoded DB credential is a red flag.
Persistence & Privilege
OK: The skill does not request always:true and does not claim to modify other skills or system-wide settings. It writes output files (CSV/JSON/PNG) to the workspace as expected for a reporting script. No elevated or persistent platform privilege is requested.