ClawHub

Medici Investments Pack

v1.0.0

Position management and market monitoring tools for active traders. Includes risk-based position sizing (fixed fractional, ATR, Kelly Criterion) and a quick...

0· 55·0 current·0 all-time
byRunByDaVinci@clawdiri-ai·duplicate of @clawdiri-ai/medici-investments
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the instructions: this pack bundles a position sizer and a market pulse monitor. However, the README lists runtime Python dependencies (yfinance, pandas) that are not declared in SKILL.md or in an install spec, and the package has no homepage or clear source — reduced provenance/transparency.
Instruction Scope
SKILL.md is an instruction-only pack that only instructs the agent to install two named sub-skills (clawhub install ...). It does not instruct the agent to read unrelated files, access extra env vars, or exfiltrate data. The README contains usage requirements but the runtime instructions themselves stay within the stated purpose.
Install Mechanism
There is no install spec for the pack itself (lowest-risk). The quick-start suggests using clawhub to install the included sub-skills, which implies network installs at that point — expected for a pack but you should review what those sub-skills will download.
Credentials
The skill declares no required environment variables, credentials, or config paths. This is proportionate for a purely instructional trading tool. Note: README mentions Python packages as runtime requirements but these are not declared as required env/config in SKILL.md.
Persistence & Privilege
always is false and model invocation is not disabled — normal defaults. Because the pack only instructs installing other skills, its privilege footprint is limited; however, autonomy combined with later-installed sub-skills could expand capabilities, so inspect those sub-skills' privileges.
Assessment
This pack is instruction-only and appears coherent for its trading purpose, but take the following precautions before installing: - Inspect the included sub-skills (medici-investments-position-sizer-dv and medici-investments-pulse-dv) before running clawhub install. Verify their source, code, and permissions. - The README lists Python requirements (yfinance, pandas). Ensure you install those packages in an isolated environment (virtualenv) and understand what network calls yfinance will make. - Because the registry entry has no homepage and an unknown source, avoid installing on high-privilege or production agents until you review the sub-skills' code and metadata. - If you need higher assurance, request or review the source code for the included sub-skills and confirm they do not access unexpected env vars, files, or external endpoints.

Like a lobster shell, security has layers — review code before you run it.

financevk9787p3ze1zw0vdq6yfvr5amdn83q25nlatestvk9787p3ze1zw0vdq6yfvr5amdn83q25nposition-sizingvk9787p3ze1zw0vdq6yfvr5amdn83q25nrisk-managementvk9787p3ze1zw0vdq6yfvr5amdn83q25ntradingvk9787p3ze1zw0vdq6yfvr5amdn83q25n

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments