Skill v1.0.0

ClawScan security

ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 11, 2026, 6:17 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions align with its stated purpose (daily A‑share momentum report); requests/use of market-data tokens and optional push credentials are expected — no signs of covert exfiltration or unrelated privileges were found.
Guidance
This skill appears to do what it says: generate a daily A-share momentum report using akshare/tushare and optional push channels. Before running:
1) Create a local config (config_local.yaml) and fill TUSHARE_TOKEN for full functionality.
2) Do not commit config_local.yaml to public repos, because it may contain SMTP passwords, webhook keys, or other credentials.
3) Install the required Python packages (akshare, tushare, pandas, numpy, readability, etc.) manually; the skill contains no automated installer.
4) The SKILL.md mentions a pre-configured Cron job, but the package does not set one up automatically. If you want scheduled runs, set up scheduling yourself.
5) Run initially in PAPER_TRADING_MODE or dry-run and review the generated output before acting on real trades.
6) If you plan to enable email/ServerChan/WeChat pushes, secure those credentials and verify that the push endpoints are correct (they are user-supplied).
If you want me to, I can list the exact Python dependencies to install and show the minimal safe command to run the script in a sandboxed/dry-run mode.
Findings
[no_findings] expected: Static pre-scan reported no injection signals or suspicious regex matches. The code imports network-capable libraries (akshare, tushare, urllib) and uses them for expected data retrieval; this is consistent with the skill's stated purpose.

Review Dimensions

Purpose & Capability
ok
The name/description (A股动量报告, "A-share momentum report") match the included assets: SKILL.md, config.yaml and a Python script that uses akshare/tushare to fetch market data and generate reports. The optional credentials (Tushare token, email/ServerChan/WeChat webhook) are appropriate for data access and pushing reports. The presence of package.json is minor and not necessary for a Python tool, but not harmful.
Instruction Scope
note
Runtime instructions are narrowly scoped to generating the daily report, running the Python script, and optionally sending it via configured push channels. Two small inconsistencies: SKILL.md says the Tushare token is "已内置" (pre-bundled) while the code reads it from config (the user must supply it), and SKILL.md claims a Cron job is "已配置" (already configured) but there is no install spec that actually sets a system cron job. Otherwise the instructions do not ask the agent to read unrelated system files or exfiltrate secrets.
Install Mechanism
note
This is an instruction-only skill (no platform install spec). The Python script imports third-party libraries (akshare, tushare, pandas, numpy, readability). There is no automated installer provided, so users must install dependencies themselves. That increases operational friction for non-technical users but is not a security red flag by itself.
Credentials
ok
No environment variables are declared as required in the skill metadata. The code and config use a Tushare token (reasonable for the data source) and optional credentials for email/ServerChan/WeChat/JoinQuant/iFinD for report delivery or enhanced data; these are proportional to the skill's functionality. Note: storing SMTP passwords, webhook keys or platform passwords in an unencrypted config file is sensitive and should be handled carefully.
Persistence & Privilege
note
The skill does not request elevated or persistent platform privileges (always: false). The SKILL.md Cron job claim is inconsistent with the lack of an install step to create the cron entry; the skill will not automatically persist unless the user sets up scheduling. No evidence the skill modifies other skills or global agent settings.