astock-report Security Report — Trusted | ClawSafe

5 /100

astock-report

A股报告生成与推送技能 — A-share stock report generation and push skill for 6 report types (morning, evening, close summary, intraday alerts, weekend news, IPO weekly)

Legitimate A-share stock report generation and push skill with no malicious behavior: all operations (data fetch, sentiment calculation, webhook push) are documented, purposeful, and standard for financial data tools.

Skill Nameastock-report

Duration40.3s

Enginepi

✓

Safe to install

Skill is safe to deploy. Minor note: add version pin for akshare in any dependency file to reduce supply-chain risk.

Findings 3 items

Severity	Finding	Location
Low	AKShare dependency not version-pinned Supply Chain All Python scripts import 'akshare' without a version constraint. Unpinned third-party packages can introduce breaking changes or compromised releases. `import akshare as ak` → Pin akshare to a known compatible version, e.g. requirements.txt with akshare>=1.10.0,<2.0.0	`scripts/send_close_summary.py, scripts/send_evening_report.py, scripts/send_intraday_alert.py, scripts/send_ipo_report.py`
Low	Webhook key hardcoded in send_ipo_report.py instead of keys_loader Doc Mismatch The Webhook URL is hardcoded inline in send_ipo_report.py (line 13) as 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c' rather than being read from /workspace/keys/wecom_webhook.ini via keys_loader. This is a known bug already documented in references/config.json _bug_fixes_required section. `_URL = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c"` → Replace with sys.path.insert and import from keys_loader like other scripts do	`scripts/send_ipo_report.py:13`
Low	Subprocess shell execution via curl for webhook push RCE All scripts use subprocess.run(['curl', ...]) to POST messages to the WeChat Work webhook. This is the declared and necessary mechanism for webhook delivery — no arbitrary command injection is present since the curl command is constructed with hardcoded flags and controlled payload. `subprocess.run(['curl', '-s', '-X', 'POST', WEBHOOK_URL, '-H', 'Content-Type: application/json', '-d', '@-'], ...)` → No action needed — this is the documented and intended push mechanism. Consider using Python's requests library or httpx as a cleaner alternative to subprocess.	`scripts/common.py, scripts/send_ipo_report.py:27`

Resource	Declared	Inferred	Status	Evidence
Network	`READ`	`READ`	✓ Aligned	urllib.request fetching qt.gtimg.cn; AKShare API calls; curl POST to WeChat Work…
Shell	`WRITE`	`WRITE`	✓ Aligned	subprocess.run(['curl', ...]) in wx_push() across all scripts for webhook delive…
Filesystem	`WRITE`	`WRITE`	✓ Aligned	State files (.alert_*, .state) written in script directories by already_sent/mar…
Environment	`NONE`	`NONE`	—	No environment variable access found; webhook URL read from /workspace/keys/keys…

2 findings

🔗

Medium External URL 外部 URL

https://qt.gtimg.cn/q=

scripts/send_close_summary.py:30

🔗

Medium External URL 外部 URL

https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c

scripts/send_ipo_report.py:13

File Tree

7 files · 60.5 KB · 1687 lines

Python 5f · 1102L Markdown 1f · 493L JSON 1f · 92L

├─ ▾ 📁 references

│ └─ 🔑 config.json ⚠ JSON 92L · 3.7 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 common.py Python 83L · 2.8 KB

│ ├─ 🐍 send_close_summary.py Python 272L · 10.0 KB

│ ├─ 🐍 send_evening_report.py Python 373L · 13.7 KB

│ ├─ 🐍 send_intraday_alert.py Python 152L · 4.6 KB

│ └─ 🐍 send_ipo_report.py Python 222L · 8.3 KB

└─ 📝 SKILL.md Markdown 493L · 17.4 KB

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`akshare`	`*`	pip	No	Not pinned to a specific version; latest is used
`pandas`	`not specified`	pip	No	Used in send_ipo_report.py for data processing
`urllib`	`stdlib`	stdlib	No	Standard library used for HTTP fetches

Security Positives

✓ No credential harvesting: No iteration of os.environ for secrets, no access to ~/.ssh, ~/.aws, .env, or similar sensitive paths

✓ No obfuscation: No base64-encoded strings, no eval(), no atob() patterns, no hidden HTML comments

✓ No data exfiltration: All network egress is to the legitimate WeChat Work webhook (qyapi.weixin.qq.com) and documented financial data sources (Tencent Finance qt.gtimg.cn, AKShare)

✓ No remote code execution: No curl|bash, wget|sh, pip install without version, or dynamic code execution patterns

✓ No persistence mechanisms: No cron/scheduled task creation, no startup hooks, no backdoor installation

✓ No prompt injection: Agent prompts in SKILL.md are standard workflow instructions, no jailbreak or manipulation instructions

✓ Documentation matches implementation: All capabilities (webhook push, data fetch, sentiment scoring) are declared in SKILL.md

Scan Report

Findings 3 items

File Tree

Dependencies 3 items

Security Positives