Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AKShare

v0.1.0

Use AKShare for Chinese market and macro-finance data via Python. Use when the user asks for A股、港股、美股、ETF、基金、指数、宏观、利率、债券、期货、商品、分红、财务 or other public-market d...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name and description match the included code: the scripts bootstrap a venv and run AKShare queries. However, the provided helper intentionally accepts arbitrary Python expressions (via eval), which gives broader execution capability than a narrow 'AKShare-only' fetcher.
Instruction Scope (flagged)
SKILL.md instructs the agent to run scripts that call akshare_eval.py with a user-supplied --expr. akshare_eval.py uses Python's eval with {'__builtins__': __builtins__} and exposes ak, pd, json in globals — this allows arbitrary Python execution (including __import__, os, subprocess, reading files, environment access, and network calls). The documentation does not warn about or constrain arbitrary code execution or exfiltration risk.
Install Mechanism
The bootstrap script uses a local Python venv and pip to install akshare from PyPI; this is a conventional and expected install method for a Python data library and does not download arbitrary archives or external binaries.
Credentials (flagged)
The skill declares no required environment variables (correct for its purpose), but runtime allows arbitrary expressions that can access os.environ or other secrets present in the agent environment. The bootstrap script permits overriding PYTHON_BIN and AKSHARE_VENV (benign), but there is no mitigation against expressions reading or exfiltrating environment variables or other local files.
Persistence & Privilege
The skill does not request permanent 'always' presence and does not modify other skills or global agent configuration. It only creates a venv in a user-writable path by default.
What to consider before installing
This skill does what it says (install AKShare and run queries), but the helper executes whatever Python expression you pass. That means a crafted expression could read local files, environment variables (including secrets), or perform network requests. Before installing or allowing the agent to invoke this skill autonomously:

1) Only use it if you trust the skill author and the environment where the venv will run.
2) Consider running the bootstrap and evaluation commands manually in an isolated sandbox (container or dedicated VM).
3) If you need to allow automated use, request or implement a safer evaluator that restricts builtins and blocks __import__/os/subprocess, or only accepts pre-validated AKShare function calls.
4) Do not supply sensitive credentials to the agent when using this skill.

If you want, ask the maintainer to replace eval with a safe execution model (e.g., a whitelist of AKShare functions or AST-based expression validation).
Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

scripts/akshare_eval.py:19 — Dynamic code execution detected.



