ClawHub

Qveris Finance

v1.1.0

AI-powered financial data assistant for stock analysis and global market overview. Combines multiple QVeris data sources (TwelveData, Finnhub, Alpha Vantage,...

1· 228·1 current·1 all-time
bydxj@buxibuxi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (financial data aggregation) match the actual behavior: all network calls and scripts target qveris.ai and reference aggregated market/data tool IDs. The single required environment variable (QVERIS_API_KEY) is appropriate for a gateway API client.
Instruction Scope
SKILL.md instructs the agent to discover/call QVeris tools or use the included Node.js scripts; instructions only reference QVeris endpoints and the provided scripts. There is no guidance to read unrelated local files, exfiltrate other env vars, or contact external hosts beyond qveris.ai.
Install Mechanism
No external installer or downloads are requested (local-skill-execution / instruction-only). The repo includes small helper scripts (client, env, CLI) with clear behavior and no obfuscated code; nothing in the install flow writes arbitrary files or pulls from unknown URLs.
Credentials
Only QVERIS_API_KEY is required and declared as the primary credential. The SKILL.md declares a read-only scope and the code only reads process.env.QVERIS_API_KEY; no other secret names or config paths are requested.
Persistence & Privilege
Skill is not marked always:true and does not request system-wide configuration changes. The README provides optional manual copy instructions but the skill does not autonomously modify other skills or persistent agent settings.
Assessment
This skill appears coherent and limited to calling the QVeris API. Before installing: (1) ensure you trust qveris.ai as the recipient of your API calls; (2) provision a QVERIS_API_KEY with least privilege (read-only if possible) and avoid reusing high-privilege keys; (3) confirm your environment does not expose other secrets to the agent while running (the skill only reads QVERIS_API_KEY but the agent may have broader access); (4) note that large responses may include full_content_file_url values returned by qveris.ai — follow your organization’s safe retrieval policies if you fetch those URLs. If you need higher assurance, review or run the included scripts in an isolated environment before enabling the skill for general use.

Like a lobster shell, security has layers — review code before you run it.

latestvk978ckxrpyyd8aq1bj1mmkwsp983j4z6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvQVERIS_API_KEY
Primary envQVERIS_API_KEY

Comments