Mx Stocks Screener
v0.1.0基于东方财富数据库,支持通过自然语言输入筛选A港美股、基金、债券等多种资产,支持多元指标筛选,含技术面、消息面、基本面及市场情绪等,可用于全球资产速筛、跨市场监控、投资组合构建、策略回测等场景。返回结果包含数据说明及 csv 文件。Natural language screener for investment...
⭐ 0· 37·0 current·0 all-time
by@akiry09
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (natural‑language screener using 东财/MCP) matches what the package requests and does: it requires an EM_API_KEY, uses httpx to call an EastMoney MCP endpoint (ai-saas.eastmoney.com/proxy/…), and converts results to CSV and a description file. No unrelated cloud credentials or unrelated binaries are requested.
Instruction Scope
SKILL.md and the provided script stay within scope: they instruct setting EM_API_KEY, installing httpx, and running scripts/get_data.py which queries the MCP endpoint and writes CSV/description files. The instructions do not ask the agent to read arbitrary system files or exfiltrate other secrets.
Install Mechanism
There is no heavyweight install spec; only a simple dependency (httpx) is suggested via pip. No downloads from unknown URLs, no archive extraction, and no creation of unexpected system binaries.
Credentials
Only one required environment variable (EM_API_KEY) is declared and used, which is proportionate for a service that authenticates to EastMoney's API. The SKILL.md also documents an optional MX_STOCKS_SCREENER_OUTPUT_DIR for output files; this is reasonable. There are no unrelated SECRET/TOKEN variables requested.
Persistence & Privilege
The skill does not request always: true and does not modify other skills or system settings. It runs on demand and writes outputs only to its own output directory.
Assessment
This skill appears coherent with its stated purpose, but before installing: (1) confirm the EM_API_KEY you provide is from a trusted EastMoney account and check its permissions, expiry, and revocation options; (2) avoid pasting the key into prompts or logs — keep it in environment variables only; (3) run the script in an isolated or controlled environment if you are unsure (it makes network requests to EastMoney and writes CSVs to disk); (4) if you need extra assurance, inspect the remainder of scripts/get_data.py (and any future updates) to verify no additional network endpoints or file accesses are added.Like a lobster shell, security has layers — review code before you run it.
latestvk97a3e3rvps8ngmtv08b7rjp6s847jmg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
EnvEM_API_KEY