agent-stock
ReviewAudited by ClawScan on May 1, 2026.
Overview
This is a coherent stock-analysis skill, but users should review its external CLI install step, high-stakes trading advice, and local storage of portfolio reports before using it.
Before installing, confirm you trust the external agent-stock CLI package and prefer an isolated Python environment. Do not provide broker credentials or unnecessary personal financial details. Review and protect the generated dist/ reports, and treat all buy/sell recommendations as informational rather than guaranteed investment advice.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the package can modify the local environment and will make the agent rely on external code for stock data commands.
The skill depends on installing an external CLI package and possibly setting up Python, while no install spec or pinned package version is declared. This is central to the stock-data purpose, but it is still a supply-chain surface users should notice.
uv tool install agent-stock ... pip3 install agent-stock ... 如果用户没有 `uv` 或者 `pip`,需要先帮用户安装好 python 环境
Install only from a trusted source, prefer a virtual environment or uv tool isolation, and pin/review the package version before use.
The agent may run local stock-data commands and base recommendations on their output.
The workflow directs the agent to run stock CLI commands, including generated screening queries. This is expected for the skill, but it is still local tool use that should stay limited to market-data analysis.
使用 `stock query` 命令查询 ... 使用 `stock rank` 获取人气榜/异动榜 ... 对每一只候选股票都必须使用 `stock quote` 命令
Keep command execution limited to the documented stock CLI functions and require confirmation before any unrelated system or environment changes.
Sensitive financial information may remain on disk in generated markdown reports.
The holdings workflow asks for user portfolio/account information and saves analysis containing asset and holdings details to a local file.
如果用户未提供持仓数据,必须让用户先提供持仓数据 ... 保存到文件 `dist/holdings/YYYYMMDD_hhmm.md` ... 总资产 ... 总市值 ... 可用资金 ... 持仓占比
Provide only the holdings details needed for the task, avoid including credentials, and delete or protect generated dist/ reports when no longer needed.
A user could treat generated trading recommendations as authoritative and make risky investment decisions.
The prompt uses a strong expert persona and produces concrete trading actions and position-size suggestions. This is aligned with the stated purpose, but it can encourage over-reliance in a high-impact financial context.
你是一位拥有十年实战经验的顶尖量化交易员与超短线炒股专家 ... >= 80 | 强烈买入 | 可重仓(6-8成)参与
Treat outputs as decision-support only, verify data independently, consider professional advice, and do not let the agent execute trades without separate explicit authorization.
The agent may finish after writing a file instead of summarizing results in the chat.
The workflow sets a stopping/output condition after saving the report. It is not hidden or destructive, but it may override a user's expectation for an inline explanation.
结果保存完成后,**直接结束,不输出任何总结或问候语**
Ask explicitly for an on-screen summary if desired, and have the skill honor user requests for explanation or review.