Einstein Research — Market Bubble Risk Detector
v0.1.0Evaluates market bubble risk through quantitative, data-driven analysis using a revised Minsky/Kindleberger framework. Prioritizes objective metrics over sub...
⭐ 0· 80·0 current·0 all-time
byRunByDaVinci@clawdiri-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name, description, and documentation all describe a data-driven bubble detector and the requested actions (fetch public market/sentiment data, compute scores, output JSON/Markdown) match that purpose. Minor inconsistency: documentation and examples refer to several entry points (bubble-detector CLI, scripts/bubble_detector.py, and the repository actually contains scripts/bubble_scorer.py). This looks like sloppy naming/version drift rather than a mismatch in required privileges or unrelated credentials.
Instruction Scope
SKILL.md and the implementation guide give a bounded, explicit workflow: collect specific public indicators (CBOE, VIX, FINRA, Google Trends, IPO stats), normalize, weight, and output a report. It instructs use of web_search/HTTP calls and public data APIs — appropriate for the stated task. There are no instructions to read unrelated user files, system credentials, or to exfiltrate private data. The skill requires network access to public sources (explicitly listed).
Install Mechanism
There is no install spec (instruction-only style) and included README lists normal Python dependencies (yfinance, requests, pandas). No downloads from untrusted URLs or archive extraction steps are present. The lack of an install step reduces risk, but the code is present and would run locally if invoked.
Credentials
The skill declares no required environment variables, no credentials, and no configuration paths. That is proportionate: the design uses public data sources and common Python libraries. The documentation explicitly states 'No API keys required.' If you plan to adapt the code to use paid APIs, additional credentials would be needed but are not requested here.
Persistence & Privilege
The skill is not marked always:true and uses normal autonomous invocation semantics. It does not request to modify other skills or system-wide settings. The skill includes a runnable script (local), which will run only when invoked — standard for this category.
Assessment
This package appears internally consistent and implements a public-data, quantitative bubble detector. Before you run it: 1) review the script file (scripts/bubble_scorer.py) to confirm there are no hidden network endpoints or unexpected behavior (the repository references multiple script/CLI names — bubble-detector, bubble_detector.py, bubble_scorer.py — so verify the actual runnable entrypoint). 2) Install dependencies in a sandbox or virtual environment (pip install yfinance requests pandas) and run the script with limited privileges. 3) Be aware the tool fetches public internet data (Google Trends, CBOE, FINRA, etc.) — confirm your environment permits that and that no private credentials are accidentally used. 4) If you plan to integrate with paid/private APIs, supply only the minimal credentials needed and audit any code changes. Overall: coherent and expected for its stated purpose, but do the routine code review and run in a controlled environment due to the presence of executable script files.Like a lobster shell, security has layers — review code before you run it.
latestvk97c3f989nht7jyd9ccth7erz183cy1c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.