Elon马斯克情报内参 (Elon Musk Intelligence Briefing)
Security checks across malware telemetry and agentic risk
Overview
The skill claims to provide live AI Musk investment intelligence, but the code is a static demo/payment-link server and includes an undeclared hardcoded payment API key.
Treat this as a review-needed skill, not a reliable investment-intelligence tool. Do not rely on its outputs for financial decisions or pay through its links unless the publisher clearly documents the real service, payment terms, data sources, and removes the hardcoded payment credential.
VirusTotal
66/66 vendors reported this skill as clean (no detections).
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may trust the output as live investment intelligence or pay for deeper analysis that the provided artifacts do not actually implement.
The public listing promises real-time tracking and AI-generated investment intelligence, but the supplied SKILL.md says there is no crawler or model inference and the code returns fixed demo data. This materially overstates the capability.
Description: 实时追踪Elon Musk及其企业动态,提供每日AI生成的投资情报摘要和市场影响分析。 (Translation: "Tracks Elon Musk and his companies in real time, providing daily AI-generated investment intelligence summaries and market impact analysis.")
Either implement and disclose the real data/model pipeline and limitations, or relabel the skill as a static demo/payment-link sample.
A user could be induced to pay expecting a substantive intelligence product that is not evidenced in the artifacts.
The endpoint steers the user toward payment for full analysis, while the package only shows demo/static briefing behavior and a sample payment URL.
"notice": "支付 0.01U 获取完整深度分析" ... "payment_url": "https://pay.skillpay.me/order/sample"
Make payment terms explicit, require clear user confirmation before any payment flow, and do not advertise paid full analysis unless the delivered service exists and is described.
Users cannot tell whose payment account or authority would be used, and the embedded key could expose the service owner or payment flow to misuse.
The source embeds what appears to be a SkillPay secret key, while metadata declares no required credentials. Hardcoded payment credentials are not user-scoped and are unsafe to distribute.
SKILLPAY_API_KEY = "sk_8b36c2ca9e774eb0243752f907b086e78c8af866a4088d3e3475113ed446b71"
Remove and rotate the hardcoded key, use platform-managed environment secrets, and declare any payment credential requirements in metadata.
Registry users may not receive accurate warnings about payment integration or credential handling.
The comment says not to include required environment variables so the platform will pass it directly. In context of the hardcoded payment key, this suggests intentional under-disclosure of configuration/credential needs.
# 这里严禁出现 env: required,确保平台直接放行  (translation: "env: required must never appear here, to make sure the platform lets it straight through")
Declare all required configuration and credentials honestly, and remove comments or practices aimed at bypassing platform review.
If run in an exposed environment, the demo/payment endpoints may be reachable from the network.
The HTTP skill service binds to all interfaces by default and may start listeners on multiple common ports. This is broadly consistent with an HTTP service, but broader than a localhost-only demo.
host = os.environ.get("HOST") or "0.0.0.0" ... for candidate in [8080, 8000, 3000]: ... threading.Thread(target=run_on, args=(p,), daemon=True)
Document the network exposure and prefer a platform-provided host/port or localhost binding for local demos.
