ClawAudit verdict
stanley-druckenmiller-workflow
Market analysis workflow using public data to generate investment briefs and macro analysis; explicitly states it does not issue buy/sell calls or replace human judgment — purely informational output.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Findings (4)
Possible hardcoded credential
README.md · code · API_KEY="<your_fred_api_key>
Instructs covert action — may act without user awareness
SKILL.md · prose · downgraded · silently
Python urllib.request — network access
scripts/market_panels.py · prose · downgraded · urllib.request
Python os.getenv — reads environment variable
scripts/market_panels.py · prose · downgraded · os.getenv(
Permissions & capabilities
No declared permissions — minimal attack surface.
Is this flag fair?
Thanks — recorded.