Fin Ai
Review
Audited by ClawScan on May 17, 2026.
Overview
The skill is mostly purpose-aligned, but its preview mode can leave temporary copies of sensitive portfolio data despite saying preview does not write temporary files.
Review the preview behavior before installing. This skill does not appear to trade or access brokerage accounts, but it handles sensitive portfolio data, writes local holdings/snapshots/history, calls external quote providers, and may leave temporary preview copies. Prefer preview first, confirm real writes only after checking results, and delete any portfolio-workflows-safe-run temp directories if you do not want leftover copies.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may choose preview believing nothing is written, while sensitive portfolio files can still be copied locally.
The skill's instructions promise that preview mode does not create temporary files or temporary paths, but the provided refresh implementation creates a temporary copy of the portfolio. That mismatch can cause users to underestimate how much local data residue a preview leaves behind.
During preview:
- Results are shown directly in the conversation (a user-readable summary: total assets, profit/loss, account groups, warnings)
- No temporary files are written and no temporary file paths are generated
Either change preview mode to avoid temp files, or update the instructions to clearly disclose temp copies and automatically clean them after use.
Sensitive financial data can be left in a temporary directory even if the user only asked for a preview.
When confirm_write is false, the code copies the whole portfolio directory into a temporary working directory. The provided code does not show cleanup, so holdings/snapshots/history may remain duplicated after preview.
import shutil
import tempfile
from pathlib import Path

# When confirm_write is false, the entire portfolio directory is copied into a fresh temp directory; no cleanup of temp_parent follows in the provided code.
temp_parent = Path(tempfile.mkdtemp(prefix="portfolio-workflows-safe-run-"))
working_dir = temp_parent / "portfolio"
shutil.copytree(resolved_portfolio_dir, working_dir)
Delete preview temp directories after use, minimize what is copied, and prefer in-memory previews or explicit user-approved temp storage.
Third-party quote providers may learn which securities are in the analyzed portfolio, though the code shown does not send quantities or cost basis.
The skill fetches market data from external providers using tickers from the portfolio. This is purpose-aligned, but it means held or watched symbols may be sent to third-party market-data services.
yahoo_base = config.get("yahoo_base", "https://query1.finance.yahoo.com/v8/finance/chart")
...
"https://fund.eastmoney.com/pingzhongdata/{code}.js"
...
"https://stooq.com/q/l/"
Use a user-supplied market_context file or a trusted proxy/config if ticker privacy matters.
If invoked directly or after confirmation, the skill can change local portfolio records and derived history.
The lower-level holdings sync helper writes updated holdings directly when called. This is expected for the skill, but users should ensure the agent uses the preview/confirmation workflow before real portfolio data is changed.
holdings_path = write_holdings(portfolio_dir, updated_holdings)
Use the main refresh workflow in preview mode first, review warnings and summaries, then allow confirmed writes only when the results look correct.
