📦 Investment Framework Skill — Investment Analysis Framework

v1.0.2

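A one-stop investment valuation assistant that quickly provides company valuations, asset allocation, industry metrics and long-term trend assessments, helping users clarify their investment logic, identify opportunities and avoid risks.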

Last updated: 2026/4/14
Security scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Assessment recommendation
This skill appears to implement a comprehensive investment analysis toolkit (many expected analysis scripts and docs). However:
- Do not run or grant Exec/Bash/Write to this skill until you inspect the scripts. In particular review scripts/auto-publish-clawhub.sh and any scripts referenced by CLAWHUB_CRON_SETUP.md and CLAWHUB_PUBLISH_GUIDE.md — the docs say a publishing token is configured in a script, which could leak credentials or enable automated publishing.
- Search the repository for h...
Detailed analysis
Purpose and capabilities
The name/description (investment decision framework) align with the included code and many sub-skills (value-analyzer, asset-allocator, industry-analyst, etc.). The repo contains many legitimate data-fetching and analysis scripts for investment research, which are expected. However the package also includes deployment/publishing automation (auto-publish-clawhub.sh, crontab examples, CLAWHUB_* docs) that are not strictly necessary for runtime investment analysis and expand the skill's operational footprint.
Instruction scope
SKILL.md grants the agent tools including Bash, Read, Write, Exec and WebSearch. The repository includes scripts that fetch remote data (eastmoney, Tencent, AlphaVantage) which is appropriate, but also contains automation instructions and cron examples that instruct executing scripts and interacting with external services and CLI tooling. Notably CLAWHUB_CRON_SETUP.md and CLAWHUB_PUBLISH_GUIDE.md describe scheduled publishing and mention a token '已配置在脚本中' (token configured in the script). Those runtime instructions allow the agent to run arbitrary shell scripts and potentially publish or alter remote resources — this materially expands scope beyond pure analysis.
Install mechanism
There is no declared install spec in the manifest (instruction-only). That lowers install-time risk. However the repo contains many executable scripts and examples that would be written to disk if the agent is allowed to write files or run the included scripts; running or extracting those scripts is an operational decision and not covered by a package manager review.
Credential requirements
The skill manifest declares no required environment variables, yet the docs and CONTRIBUTING examples reference API keys (QVERIS_API_KEY, TTFUND_API_KEY, Tushare token, AlphaVantage key) and the CLAWHUB docs explicitly state a publishing token is stored in scripts. Requiring or embedding long-lived tokens in scripts is disproportionate to pure analysis and is not surfaced in requires.env — this mismatch is a red flag. The skill also suggests writing a config file under the user's home directory for tokens, which is acceptable if done transparently, but the repo's documentation claiming 'Token:已配置在脚本中' (token configured in the script) suggests credentials may be embedded/hard-coded.
Persistence and privileges
The skill is not marked always:true (good), but repo docs provide crontab entries and an auto-publish script (scripts/auto-publish-clawhub.sh) and examples that would set scheduled jobs under /tmp/investment-framework-skill. If the agent is allowed to Exec/Bash and Write, it could (with user permission or by following vague instructions) install cron jobs or run persistent publishing automation. The manifest doesn't declare persistent behavior but the contents enable it — a capability/privilege mismatch.
Security is layered; review the code before running it.

Runtime dependencies

No special dependencies

Versions

latest v1.0.2 2026/3/21

Suspicious

Install command

Official: npx clawhub@latest install investment-framework-skill
Mirror: npx clawhub@latest install investment-framework-skill --registry https://cn.longxiaskill.com
Data source: ClawHub · Chinese localization: 龙虾技能库