Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
chan-stock-analysis
v1.0.4 Multi-level joint Chan theory (缠论) analysis of stock/index/gold price action based on the BARF framework. Trigger phrases: 「使用缠论分析下」 ("analyze it with Chan theory"), 「分析下股票」 ("analyze the stock"), 「缠论分析」 ("Chan analysis"), 「帮我分析下」 ("help me analyze it"). Highest priority. Four levels of data must be fetched for the analysis: daily K-line + 30-minute + 5-minute + 1-minute. Data-fetching strategy: akshare first, futu as fallback. Multi-level linked judgment is the core requirement. Supports A-shares, Hong Kong stocks, US stocks, gold (XAUUSD) and other ...
⭐ 0 · 146 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The declared purpose (multi-level Chan analysis) aligns with most of the code: fetching market data, running czsc analysis, drawing charts. However, the skill integrates extra capabilities (reading and writing a local Obsidian vault, downloading from and uploading to Baidu Cloud via bypy, caching on disk) that go beyond a minimal "analysis only" skill, although they can be legitimate for a reporting workflow. The registry metadata did not declare these additional resource accesses.
Instruction Scope
SKILL.md instructs the agent to: check local Obsidian paths, try downloads from Baidu Cloud (/knowledge/stockdata/*), require an ITICK_TOKEN for itick.org, auto-install or clone czsc if it is missing, read and merge local Markdown K-line files, create and upload reports and charts to Baidu Cloud, and update a dynamic knowledge base. These instructions access local files and external endpoints and send data to third-party storage (Baidu). Several of these I/O actions (reading arbitrary Obsidian files, uploading results) are not declared in the registry requirements.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but SKILL.md and the scripts perform runtime actions that can fetch or clone remote code (czsc from GitHub) and call external tools (bypy via subprocess). Cloning czsc from GitHub is a known source, but running bypy and spawning subprocesses introduces higher risk because it relies on local binaries and on authenticated bypy state. No obscure download hosts were observed.
Credentials
The registry lists no required env vars, but the code and SKILL.md clearly rely on environment/config values: ITICK_TOKEN (itick.org API token), OBSIDIAN_STOCK_DIR (local Obsidian path), CZSC_PATH (local czsc clone). The skill also implicitly requires a working bypy installation and its Baidu authentication (stored locally by bypy). Requesting access to a user's local notes and cloud drive is substantial and was not declared, which is disproportionate to what the registry advertised.
Persistence & Privilege
The skill writes caches and generated charts/reports to disk and to the user's Obsidian directory, and uploads them to Baidu Cloud. It also states that it will update a "dynamic knowledge base" (persisting user-confirmed conclusions). While persistence may be expected for a reporting tool, these persistent writes and cloud uploads should be explicit to users; the skill does not declare always:true but does request persistent storage and external uploads.
Scan Findings in Context
[unicode-control-chars] unexpected: a prompt-injection pattern (unicode control characters) was detected in SKILL.md. This is not necessary for stock analysis and could be an attempt to influence prompt parsing; review the raw SKILL.md and confirm it contains no hidden control characters.
What to consider before installing
1) This skill will read local Obsidian files (default D:\knowledge\stock) and attempt to download/upload files to your Baidu Cloud using the 'bypy' tool — ensure you are comfortable with that access and that bypy is configured.
2) It expects environment/config values (ITICK_TOKEN, CZSC_PATH, OBSIDIAN_STOCK_DIR) even though the registry did not declare them — set these explicitly to safe values or leave them empty to disable connected sources.
3) The skill may clone and install the czsc project at runtime (git + pip) and will write caches, charts and reports to disk and to Obsidian/Baidu — run it in a sandbox or isolated environment first.
4) Inspect or run the scripts in a controlled environment to confirm they only access the data you consent to; if you don't want uploads, remove/disable bypy or restrict OBSIDIAN_STOCK_DIR to a safe folder.
5) The SKILL.md contained unicode control characters (possible prompt injection); review the file to confirm it carries no hidden instructions.
If you need a minimal, non-persistent analyzer, prefer a variant that only fetches market data from declared APIs and returns results without accessing local files or cloud drives.
Runtime requirements
📊 Clawdis
Bins: python3
