Skill v1.0.0
ClawScan security
Ai Quant Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 6, 2026, 6:01 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The code and docs largely match an AI-driven simulated quant-trading skill, but there are a few incoherent or risky bits (a hard-coded Windows Admin OpenClaw install script, filesystem writes that can overwrite user skills, and diagnostic code that prints environment info) that you should review before installing or running.
- Guidance
- What to consider before installing or running this skill:
  - Functional fit: The code and docs align with an AKShare-based simulated quant-trader; akshare/pandas/numpy are reasonable dependencies for that purpose.
  - Review the register script before running: register_with_openclaw.py copies files into a hard-coded Windows Administrator OpenClaw path (C:/Users/Administrator/.openclaw/...). If you run it, it will create/overwrite skill files and write an enabled skill_config.json. Edit the script to point to the correct OpenClaw workspace for your account (use environment variables like %USERPROFILE% or HOME) or avoid running it and install manually.
  - Backup first: If you plan to use the register script, back up your existing OpenClaw skills directory. The script can move/overwrite existing skill directories (it does a move to a backup name, but that can still change state).
  - Run in a sandbox/test account: Because the package creates files and caches under the skill directory (user_data, data_cache, etc.), test it in an isolated environment or throwaway VM/container before running on your main workstation.
  - Inspect outputs of check_env.py: It prints Python executable, working dir, and sys.path — useful for debugging, but avoid sharing its output publicly as it reveals environment details.
  - Network behavior: The skill uses AKShare to fetch market data (expected). If you must avoid external network calls, do not run modules that call akshare.
  - No secrets requested: The skill does not request API keys or other credentials, which is coherent for a simulated system. However, if you later link a real broker, that would change the risk profile — treat broker integrations as sensitive.
  - If you are unsure: Ask the skill author for a non-admin installation method or an OpenClaw-market-style packaging option.
If you want, I can point out the exact lines in register_with_openclaw.py to change to make it safer (use relative paths, use current user profile, avoid auto-enabling).
Review Dimensions
- Purpose & Capability
- note: The skill's name, description, SKILL.md, and Python modules (data_provider, strategy_gen, broker, auto_trader, risk_manager, stock_screener) are consistent with an AKShare-based simulated quant trading assistant and require akshare/pandas/numpy as declared. However, the presence of register_with_openclaw.py (which copies files into a user's OpenClaw workspace) implies installer-like behavior beyond a pure 'instruction-only' skill; that is plausible for an OpenClaw integration but is more intrusive than the simple description suggests.
- Instruction Scope
- note: SKILL.md instructions are focused on simulation, strategy generation, and using AKShare; it asks the user to pip install akshare/pandas/numpy. The runtime code will create and read files under a user_data directory and caches. check_env.py prints system paths and working directory (revealing environment info) — harmless if run locally but not needed for core functionality. SKILL.md does not explicitly instruct running the register script, but that script exists and would alter user skill directories if executed.
- Install Mechanism
- concern: There is no declared automated install spec, but the repository includes register_with_openclaw.py which, if run, copies files into a hard-coded Windows path (C:/Users/Administrator/.openclaw/workspace/skills). This is an ad-hoc install mechanism that will write files to the host, create/overwrite skill directories, and create an enabled skill_config.json. The copy/backup behavior is potentially destructive if paths are wrong or if you run it as an administrator.
- Credentials
- note: The registry metadata declares no required env vars or credentials (appropriate for a simulated trader). The code uses AKShare, which performs external network requests for market data (expected). check_env.py prints environment details (python path, working dir, sys.path) which is not required for normal operation and could leak environment information if you share its output.
- Persistence & Privilege
- concern: The always flag is false, and the skill requires no cloud credentials — good. But register_with_openclaw.py will create files inside the user's OpenClaw skills directory and write an enabled skill_config.json (registered_at, dependencies, enabled=true). Running that script grants the skill persistent presence in the user's OpenClaw installation and may overwrite or move existing skill directories (it moves the existing target to a backup name). This file-system-level persistence is significant and the script should be executed only after review.
