Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
A Share Portfolio
v1.0.0A股投资组合管理/持仓分析。当用户说"组合分析"、"持仓分析"、"portfolio"、"我的持仓怎么样"、"帮我看看组合"、"仓位管理"、"组合优化"、"风险分析"、"再平衡"、"行业暴露"时触发。对用户提供的持仓组合进行全面分析,包括持仓集中度、行业/风格暴露、风险指标、收益归因、再平衡建议。通过 cn-st...
⭐ 0· 83·0 current·0 all-time
by@yzswk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The stated purpose (A-share portfolio analysis) aligns with the steps in SKILL.md. However SKILL.md expects a local helper (SCRIPTS="$SKILLS_ROOT/cn-stock-data/scripts") and execution of python scripts (cn_stock_data.py). The skill package declares no required binaries, no dependency on Python, and does not include those scripts—this mismatch is unexplained and could lead to the agent executing code outside the skill's scope.
Instruction Scope
Runtime instructions explicitly tell the agent to run external Python scripts located via $SKILLS_ROOT/cn-stock-data/scripts. Those scripts are not part of this skill bundle. Executing external scripts at runtime can perform arbitrary I/O or network calls (including exfiltration) unrelated to the user's intent. The SKILL.md does not limit or audit what those scripts do; it also references other skills for deeper analysis, increasing cross-skill reach.
Install Mechanism
No install spec and no code files are included, which minimizes direct install risk. However, because the runtime expects external scripts, the lack of included code is itself a concern: the skill will fail unless a cn-stock-data component exists in the environment, and that external component becomes the real execution surface to review.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for portfolio analysis. But SKILL.md uses $SKILLS_ROOT and presumes a Python runtime; these are implicit environment dependencies that are not declared. The skill promises to keep user holdings 'in-session' but provides no technical enforcement; if the referenced scripts perform network requests, user data could leave the session.
Persistence & Privilege
The skill is not marked always:true and is user-invocable only, which is appropriate. It does not request system-wide configuration changes or persistent privileges in its manifest.
What to consider before installing
This skill appears to be a legitimate portfolio-analysis helper, but the SKILL.md requires running external Python scripts at $SKILLS_ROOT/cn-stock-data/scripts that are not included or declared. Before installing or using it: 1) Verify whether a trusted 'cn-stock-data' component exists in your environment and inspect its code (cn_stock_data.py) to ensure it only fetches stock data and does not send portfolio data elsewhere. 2) Confirm a safe Python runtime is available and that $SKILLS_ROOT points to a trusted directory. 3) Ask the publisher for source code or for the missing dependency to be bundled or documented. If you cannot verify the external scripts, run the skill only in a sandboxed environment or treat it as untrusted, because executing undeclared scripts may expose your portfolio data or system to arbitrary actions.Like a lobster shell, security has layers — review code before you run it.
latestvk97c53tp2g2wffwgxwx6d3wgjh83v3d0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.