akshare Security Report — Low Risk | ClawSafe

20 /100

akshare

Use AKShare for Chinese market and macro-finance data via Python. Fetches public A股/港股/美股/ETF/基金/指数/宏观/利率/债券/期货/商品/分红/财务 data.

Legitimate financial data retrieval tool (AKShare wrapper) with documented venv bootstrapping and a Python eval() expression runner; the eval() with full builtins is a minor concern but is core to the documented use case with no evidence of abuse.

Skill Nameakshare

Duration48.7s

Enginepi

✓

Safe to install

Accept for use. Monitor the venv path ($HOME/.openclaw/.venvs/akshare) for unexpected packages. Consider restricting eval builtins if future versions need tighter isolation.

Findings 3 items

Severity	Finding	Location
Medium	Python eval() with full builtins exposed scripts/akshare_eval.py passes __builtins__ directly to eval(), granting access to dangerous functions such as __import__, open, compile, and built-in constructors. While the expression namespace is intentionally scoped (only ak/pd/json available), a malicious expression could still invoke builtins to read files, enumerate modules, or escalate behavior within the process. `result = eval(args.expr, {'__builtins__': __builtins__}, env)` → Restrict __builtins__ to a minimal whitelist (e.g., only safe built-in functions) or sandbox the eval in a subprocess with seccomp. Document this trade-off in SKILL.md.	`scripts/akshare_eval.py:28`
Low	Unversioned pip install of akshare The bootstrap script installs 'akshare' from PyPI without a version pin. This creates a minor supply-chain risk where a future breaking or compromised release could affect behavior. `"$VENV/bin/pip" install --upgrade akshare` → Pin to a known-good version, e.g. 'akshare==1.13.0', and update periodically through a controlled release process.	`scripts/bootstrap_akshare_env.sh:8`
Low	External social links not verified SKILL.md references https://github.com/Zack995 and https://x.com/btc_cczzc as the official homepage and maintainer. These point to a non-standard AKShare fork (the canonical repo is akfamily/akshare). The skill bundles its own bootstrap rather than relying on a standard pip install of the published package. `GitHub: https://github.com/Zack995` → Verify the maintainer's identity and ensure the bundled AKShare fork is the official upstream or a trusted modification. Prefer installing the standard PyPI package directly.	`SKILL.md:91`

Resource	Declared	Inferred	Status	Evidence
Shell	`WRITE`	`WRITE`	✓ Aligned	SKILL.md documents bash bootstrap; scripts/bootstrap_akshare_env.sh creates venv…
Filesystem	`WRITE`	`WRITE`	✓ Aligned	bootstrap_akshare_env.sh writes to $HOME/.openclaw/.venvs/akshare
Network	`NONE`	`READ`	✓ Aligned	AKShare fetches public financial data from Chinese market APIs; this is the core…
Skill Invoke	`NONE`	`NONE`	—	No skill-invocation patterns detected

1 findings

🔗

Medium External URL 外部 URL

https://x.com/btc_cczzc

SKILL.md:92

File Tree

4 files · 5.6 KB · 214 lines

Markdown 2f · 151L Python 1f · 51L Shell 1f · 12L

├─ ▾ 📁 references

│ └─ 📝 common-recipes.md Markdown 59L · 1.2 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 akshare_eval.py Python 51L · 1.5 KB

│ └─ 🔧 bootstrap_akshare_env.sh Shell 12L · 338 B

└─ 📝 SKILL.md Markdown 92L · 2.6 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`akshare`	`*`	pip (PyPI)	No	No version pinned; bootstrap installs latest from PyPI
`pandas`	`*`	akshare dependency	No	Transitive dependency, installed with akshare

Security Positives

✓ No evidence of credential harvesting, key enumeration, or os.environ iteration

✓ No base64 decode/eval chains, no curl|bash or wget|sh remote execution

✓ No hidden instructions in comments or HTML

✓ No access to sensitive paths such as ~/.ssh, ~/.aws, or .env

✓ No network connections to external IPs outside of legitimate AKShare API calls

✓ The skill's core functionality (financial data retrieval) is straightforward and auditable

Scan Report

Findings 3 items

File Tree

Dependencies 2 items

Security Positives