Trusted: risk score 5/100
Last scan: 1 day ago
astock-report
A股报告生成与推送技能 — A-share stock report generation and push skill for 6 report types (morning, evening, close summary, intraday alerts, weekend news, IPO weekly)
Legitimate A-share stock report generation and push skill with no malicious behavior: all operations (data fetch, sentiment calculation, webhook push) are documented, purposeful, and standard for financial data tools.
Skill name: astock-report
Analysis time: 40.3s
Engine: pi
Verdict: safe to install
Skill is safe to deploy. Minor note: add version pin for akshare in any dependency file to reduce supply-chain risk.

Security findings (3)

[Low] AKShare dependency not version-pinned (category: supply chain)
All Python scripts import 'akshare' without a version constraint. Unpinned third-party packages can introduce breaking changes or compromised releases.
Evidence: import akshare as ak
→ Pin akshare to a known compatible version, e.g. a requirements.txt entry akshare>=1.10.0,<2.0.0
Location: scripts/send_close_summary.py, scripts/send_evening_report.py, scripts/send_intraday_alert.py, scripts/send_ipo_report.py
[Low] Webhook key hardcoded in send_ipo_report.py instead of keys_loader (category: documentation mismatch)
The webhook URL is hardcoded inline in send_ipo_report.py (line 13) as 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c' rather than being read from /workspace/keys/wecom_webhook.ini via keys_loader. This is a known bug, already documented in the _bug_fixes_required section of references/config.json.
Evidence: _URL = "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c"
→ Replace with sys.path.insert and an import from keys_loader, as the other scripts do
Location: scripts/send_ipo_report.py:13
[Low] Subprocess execution of curl for webhook push (category: code execution)
All scripts use subprocess.run(['curl', ...]) to POST messages to the WeChat Work webhook. This is the declared and necessary mechanism for webhook delivery; no arbitrary command injection is present, since the curl command is built from hardcoded flags and a controlled payload.
Evidence: subprocess.run(['curl', '-s', '-X', 'POST', WEBHOOK_URL, '-H', 'Content-Type: application/json', '-d', '@-'], ...)
→ No action needed; this is the documented and intended push mechanism. Consider Python's requests or httpx library as a cleaner alternative to subprocess.
Location: scripts/common.py, scripts/send_ipo_report.py:27
Resource type | Declared permission | Inferred permission | Status | Evidence
Network access | READ | READ | ✓ Consistent | urllib.request fetching qt.gtimg.cn; AKShare API calls; curl POST to WeChat Work…
Command execution | WRITE | WRITE | ✓ Consistent | subprocess.run(['curl', ...]) in wx_push() across all scripts for webhook delive…
File system | WRITE | WRITE | ✓ Consistent | State files (.alert_*, .state) written in script directories by already_sent/mar…
Environment variables | NONE | NONE | | No environment variable access found; webhook URL read from /workspace/keys/keys…
External URL findings (2)

[Medium] External URL: https://qt.gtimg.cn/q=
Location: scripts/send_close_summary.py:30
[Medium] External URL: https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=c4a1cd60-254e-4612-b365-c701482ae98c
Location: scripts/send_ipo_report.py:13

Directory structure

7 files · 60.5 KB · 1687 lines
Python: 5 files · 1102 lines; Markdown: 1 file · 493 lines; JSON: 1 file · 92 lines
├─ 📁 references
│ └─ 🔑 config.json JSON 92L · 3.7 KB
├─ 📁 scripts
│ ├─ 🐍 common.py Python 83L · 2.8 KB
│ ├─ 🐍 send_close_summary.py Python 272L · 10.0 KB
│ ├─ 🐍 send_evening_report.py Python 373L · 13.7 KB
│ ├─ 🐍 send_intraday_alert.py Python 152L · 4.6 KB
│ └─ 🐍 send_ipo_report.py Python 222L · 8.3 KB
└─ 📝 SKILL.md Markdown 493L · 17.4 KB

Dependency analysis (3)

Package | Version | Source | Known vulnerabilities | Notes
akshare | * | pip | | Not pinned to a specific version; the latest release is used
pandas | not specified | pip | | Used in send_ipo_report.py for data processing
urllib | stdlib | stdlib | | Standard library module used for HTTP fetches

Security highlights

✓ No credential harvesting: No iteration of os.environ for secrets, no access to ~/.ssh, ~/.aws, .env, or similar sensitive paths
✓ No obfuscation: No base64-encoded strings, no eval(), no atob() patterns, no hidden HTML comments
✓ No data exfiltration: All network egress is to the legitimate WeChat Work webhook (qyapi.weixin.qq.com) and documented financial data sources (Tencent Finance qt.gtimg.cn, AKShare)
✓ No remote code execution: No curl|bash, wget|sh, pip install without version, or dynamic code execution patterns
✓ No persistence mechanisms: No cron/scheduled task creation, no startup hooks, no backdoor installation
✓ No prompt injection: Agent prompts in SKILL.md are standard workflow instructions, no jailbreak or manipulation instructions
✓ Documentation matches implementation: All capabilities (webhook push, data fetch, sentiment scoring) are declared in SKILL.md