Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- tests/test_manifest_tool_map_parity.py:18
- Evidence
spec.loader.exec_module(mod) # type: ignore[union-attr]
Security audit
Security checks across malware telemetry and agentic risk
This appears to be a coherent China market-data plugin; it runs local Python tooling and can write local OpenClaw/cache files, but the disclosed behavior matches its stated purpose.
This skill looks appropriate for users who want China market-data and research tools in OpenClaw. Before installing, review the source-install and development-registration steps, use a virtual environment, provide TUSHARE_TOKEN only if needed, and be aware that enabling cache or health snapshots can write local data files.
64/64 vendors flagged this plugin as clean.
Detected: suspicious.dynamic_code_execution, suspicious.install_untrusted_source
spec.loader.exec_module(mod) # type: ignore[union-attr]
spec.loader.exec_module(module) # type: ignore[union-attr]
url: "http://127.0.0.1:2080"