BitSoulStockSkill 安全扫描报告 — 可信 | ClawSafe

5 /100

BitSoulStockSkill

BitSoul旗下all-in-one的A股市场综合skill，提供股票筛选策略，内置上百种行业常见量化指标, 基于MOE混合因子专家模型的股票买卖点计算判断，个股风险判定，关键指标计算，数据回测

Legitimate A-share stock market analysis skill with all capabilities correctly declared; minor issues limited to unpinned Python dependencies.

技能名称BitSoulStockSkill

分析耗时71.0s

引擎pi

✓

可以安装

Approve for use. Consider pinning exact dependency versions to reduce supply-chain risk.

安全发现 2 项

严重性	安全发现	位置
低危	Python dependencies lack version pinning 供应链 requirements.txt uses >= lower-bound constraints without upper bounds for pandas, numpy, requests, SQLAlchemy. This allows installing any newer version at pip install time, which could pull a compromised release. `pandas>=1.3.5 requests>=2.31.0 SQLAlchemy>=2.0.48 numpy>=1.21.0` → Pin exact versions or use ~= constraints, e.g., pandas~=1.5.0, requests~=2.31.0	`assets/requirements.txt:1`
提示	BITSOUL_TOKEN sent to remote server for authentication 敏感访问 The skill's API token (BITSOUL_TOKEN) is transmitted to info.aicodingyard.com over HTTP for check_token, decryption key requests, data downloads, and yield submission. This is expected behavior for a paid data service but worth noting for threat modeling. `response = requests.post(url, json={"token": token}, timeout=define.HTTP_TIMEOUT)` → Ensure the remote server is trusted and consider whether HTTPS enforcement is possible via config.json	`scripts/remote_api.py:108`

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	utils.py creates temp dir; data_fetcher.py reads/writes SQLite in temp dir; all …
网络访问	`READ`	`READ`	✓ 一致	remote_api.py and data_fetcher.py POST/GET to info.aicodingyard.com; stock_crawl…
环境变量	`READ`	`READ`	✓ 一致	config.py reads BITSOUL_TOKEN and BITSOUL_TOKEN_ENV_FILE from os.environ; SKILL.…
技能调用	`READ`	`READ`	✓ 一致	stock_api.py exposes StockApi with stock data/metrics/backtest methods; moe_sign…
命令执行	`NONE`	`NONE`	—	No subprocess/os.popen/shell=True found across all 21 Python files (grep confirm…

8 项发现

🔗

中危外部 URL 外部 URL

https://www.aicodingyard.com

SKILL.md:8

🔗

中危外部 URL 外部 URL

https://finance.sina.com.cn/

SKILL.md:25

🔗

中危外部 URL 外部 URL

http://info.aicodingyard.com

assets/config.json:3

🔗

中危外部 URL 外部 URL

https://push2his.eastmoney.com/api/qt/stock/kline/get

scripts/factor_mining.py:382

🔗

中危外部 URL 外部 URL

https://www.eastmoney.com/

scripts/factor_mining.py:391

🔗

中危外部 URL 外部 URL

http://hq.sinajs.cn/list=

scripts/realtime_data_featcher.py:42

🔗

中危外部 URL 外部 URL

http://push2.eastmoney.com/api/qt/stock/get

scripts/stock_crawler.py:150

🔗

中危外部 URL 外部 URL

http://d.10jqka.com.cn/v6/line/hs_

scripts/stock_crawler.py:219

目录结构

26 文件 · 662.4 KB · 17445 行

Python 21f · 16159L Markdown 2f · 1051L JSON 2f · 231L Text 1f · 4L

├─ ▾ 📁 assets

│ ├─ 🔑 config.json ⚠ JSON 5L · 99 B

│ └─ 📄 requirements.txt Text 4L · 64 B

├─ ▾ 📁 references

│ └─ 📝 API_FOR_LLM.md Markdown 915L · 23.5 KB

├─ ▾ 📁 scripts

│ ├─ ▾ 📁 formulaicAlphas

│ │ ├─ 🐍 __init__.py Python 36L · 1.0 KB

│ │ ├─ 🐍 alpha101.py Python 940L · 58.9 KB

│ │ ├─ 🐍 data_loader.py Python 111L · 4.1 KB

│ │ └─ 🐍 operators.py Python 189L · 7.4 KB

│ ├─ 🐍 backtest_tools.py Python 466L · 14.8 KB

│ ├─ 🐍 config.py Python 55L · 1.6 KB

│ ├─ 🐍 data_fetcher.py Python 1786L · 64.2 KB

│ ├─ 🐍 decrypt_patch.py Python 53L · 1.6 KB

│ ├─ 🐍 define.py Python 1464L · 51.6 KB

│ ├─ 🐍 factor_mining.py Python 849L · 40.1 KB

│ ├─ 🐍 indicators.py Python 3097L · 110.4 KB

│ ├─ 🐍 logger.py Python 2L · 63 B

│ ├─ 🐍 metrics.py Python 319L · 10.9 KB

│ ├─ 🐍 moe_signal.py Python 1268L · 50.6 KB

│ ├─ 📋 moe_weights.json JSON 226L · 5.3 KB

│ ├─ 🐍 realtime_data_featcher.py Python 93L · 3.7 KB

│ ├─ 🐍 remote_api.py Python 202L · 6.4 KB

│ ├─ 🐍 signals.py Python 775L · 30.4 KB

│ ├─ 🐍 stock_api.py Python 4035L · 152.9 KB

│ ├─ 🐍 stock_crawler.py Python 287L · 12.0 KB

│ ├─ 🐍 track_logger.py Python 14L · 364 B

│ └─ 🐍 utils.py Python 118L · 3.5 KB

└─ 📝 SKILL.md Markdown 136L · 7.0 KB

依赖分析 4 项

包名	版本	来源	已知漏洞	备注
`pandas`	`>=1.3.5`	requirements.txt	否	Version not pinned; only lower bound specified
`numpy`	`>=1.21.0`	requirements.txt	否	Version not pinned; only lower bound specified
`requests`	`>=2.31.0`	requirements.txt	否	Version not pinned; only lower bound specified
`SQLAlchemy`	`>=2.0.48`	requirements.txt	否	Version not pinned; only lower bound specified

安全亮点

✓ No subprocess, os.popen, shell=True, or any shell execution commands found

✓ No credential harvesting — does not scan ~/.ssh, ~/.aws, .env, or other credential paths

✓ No base64-encoded payloads, eval/exec, or dynamic code loading

✓ No hidden HTML comments, obfuscation, or anti-analysis patterns

✓ No prompt injection instructions found in any file

✓ No persistence mechanisms (cron, startup hooks, registry writes)

✓ No C2 communication or data exfiltration to undeclared endpoints

✓ All network access targets are explicitly declared in SKILL.md frontmatter

✓ Filesystem writes are scoped to temp directory (system temp/BitSoulStockSkill), not user home

✓ Token is used only for declared remote API authentication purposes

✓ Encrypted data files use per-file decryption keys fetched per-request — not stored insecurely

✓ Skill correctly uses sqlalchemy text() for parameterized SQL queries, preventing injection