Is market-environment-analysis safe?

https://clawhub.ai/Veeramanikandanr48/market-environment-analysis

85
SAFE

This is a legitimate market analysis reporting skill with no malicious intent detected. The skill provides structured workflows for collecting and analyzing financial market data via web searches, with reference documentation and a benign Python formatting utility. The primary concerns are the included Python script (currently safe but a potential future supply-chain vector) and the lack of financial advice disclaimers. No data exfiltration, prompt injection, or suspicious clone behavior was detected.

Category Scores

Prompt Injection 88/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 78/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 72/100 · 5%

Findings (6)

MEDIUM Python script with explicit execution instructions -15

The skill includes scripts/market_utils.py with a shebang line and explicit SKILL.md instructions to run it via 'python scripts/market_utils.py'. The script is currently benign (uses only datetime and json from stdlib for formatting utilities), but the execution pattern creates a supply-chain risk vector if future versions introduce dangerous imports.

MEDIUM Financial advice without disclaimers -15

The skill instructs the agent to provide investment strategy recommendations, position adjustments, and trader-specific advice without any disclaimer language. Users may treat AI-generated market analysis as professional financial advice.

LOW Broad activation trigger keywords -5

The skill triggers on 13+ keywords across English and Japanese, creating a wide activation surface that may cause unintended skill invocation during casual market-related conversations.

LOW Sensitive file reads during installation (likely runtime, not skill) -5

During installation, the process opened /home/oc-exec/.aws/credentials and /home/oc-exec/.env. The access pattern (interleaved with .openclaw/openclaw.json, .profile, .bashrc reads) strongly suggests this is the OpenClaw agent runtime initialization, not the skill itself. No network activity followed, so no data was exfiltrated.

INFO No exfiltration vectors present 0

Complete source code review reveals no URLs, API endpoints, fetch calls, curl commands, or any mechanism to send data externally. All code is self-contained with standard library dependencies only.

INFO All honeypot files intact 0

No canary files were accessed or modified during the skill's installation or any monitored activity period.