ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Crypto Analyst

v1.0.0

加密货币综合分析工具,整合OKX、Binance双交易所数据。提供行情查询、技术分析、交易信号、资金流向、仓位管理、DCA计划、风险计算。触发词:分析BTC、行情查询、交易信号、仓位计算、DCA计划、巨鲸追踪、风险评估。

0· 62·0 current·0 all-time
byYirong@erongcao

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for erongcao/erong-crypto-analyst.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Crypto Analyst" (erongcao/erong-crypto-analyst) from ClawHub.
Skill page: https://clawhub.ai/erongcao/erong-crypto-analyst
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install erong-crypto-analyst

ClawHub CLI

Package manager switcher

npx clawhub@latest install erong-crypto-analyst
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description (crypto analysis for OKX and Binance) matches the included scripts (market data, technical analysis, DCA, position sizing, whale tracking). However registry metadata declares no required environment variables or primary credential, while multiple scripts (balance_check.py, okx_analyst.py) explicitly load OKX API key/secret/passphrase from a .env file and will attempt authenticated OKX calls. Also _meta.json ownerId differs from the provided registry Owner ID, an administrative inconsistency to verify.
!
Instruction Scope
SKILL.md instructs running many scripts, including ones that call authenticated OKX endpoints (balance_check, okx_analyst) and public APIs (Binance, alternative.me). The instructions expect a local .env with OKX credentials. The runtime instructions do not ask for any unrelated file or system access beyond the .env, but the SKILL.md fails to declare that those credentials are required in metadata.
Install Mechanism
No install spec is provided (instruction-only), which minimizes installation-time risk. The bundle nevertheless includes 10+ Python scripts and lists pip dependencies (requests, pandas, numpy, python-dotenv, akshare). There are no remote download/execute steps or URL shorteners in the code; dependencies are standard PyPI packages.
!
Credentials
Although registry metadata lists no required env vars/credentials, multiple scripts load OKX API credentials from a .env and/or environment variables (OKX_API_KEY, OKX_API_SECRET, OKX_API_PASSPHRASE). That mismatch is material: the skill will attempt to use secrets but did not declare them. No other broad unrelated credentials are requested, but an unknown news API endpoint (https://api.ns3.ai/feed) is used for news—confirm its trustworthiness.
Persistence & Privilege
The skill does not request permanent 'always' inclusion and does not modify other skills or system-wide configuration. It runs as scripts and reads a local .env; nothing indicates it writes to global agent configs or requires elevated privileges.
What to consider before installing
This skill looks like a real crypto analysis toolkit, but there are inconsistencies you should resolve before installing or running it: - The SKILL.md and code expect OKX API credentials stored in a local .env (OKX_API_KEY, OKX_API_SECRET, optional PASSPHRASE), yet the registry metadata declares no required environment variables. Treat this as a red flag: the skill will use secrets even though that isn't advertised. - If you plan to run scripts that access your exchange account (balance_check.py or okx_analyst.py), create API keys with the minimum permissions needed (read-only) and restrict IP/permissions where possible. Do not use your full-trade keys unless you understand and trust the code. - Review the code yourself (or have someone you trust do so). The network calls are to public exchange APIs and alternative.me; an additional news endpoint (api.ns3.ai) is used—verify that source and its privacy policy before allowing it to be contacted from a machine holding secrets. - Run the code in an isolated environment (container or VM) and avoid placing high-privilege secrets in your primary environment. Consider populating .env only when necessary, and delete or rotate keys after testing. - Confirm the package owner and provenance (ownerId mismatch in metadata) before trusting it with credentials. If you cannot verify the author, avoid giving this skill live credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk976yd4vrqy8tnwfsce9e6j4p984h07v
62downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
Yirong@erongcao
latest
Download

Crypto Analyst v1.0

加密货币综合分析,统一调用 OKX、Binance、AKShare 三大数据源。

工作流

价格查询 → 技术分析 → 资金流向 → 策略建议 → 仓位管理

工具速查

需求工具数据源
OKX技术分析/信号okx_analyst.pyOKX API
Binance实时行情binance_market.pyBinance公开API
Binance技术分析technical_analysis.pyBinance公开API
双交易所价格对比cross_exchange.pyOKX + Binance
巨鲸追踪whale_tracker.pyBinance
DCA定投计划dca_calculator.py本地计算
仓位计算position_sizer.py本地计算
市场机会扫描market_scanner.pyBinance
恐惧&贪婪fear_greed.pyalternative.me
加密货币余额balance_check.pyOKX API(需要Key)

快速命令

日常行情分析

# OKX技术分析(完整报告)
python3 scripts/okx_analyst.py BTC-USDT

# OKX快速信号
python3 scripts/okx_analyst.py BTC-USDT --signal-only

# Binance实时价格
python3 scripts/binance_market.py --symbol BTCUSDT

# Binance技术分析
python3 scripts/technical_analysis.py --symbol BTCUSDT --interval 1h

进阶分析

# 跨交易所价格对比(发现价差套利机会)
python3 scripts/cross_exchange.py BTC

# 巨鲸追踪
python3 scripts/whale_tracker.py --symbol BTCUSDT

# 市场机会扫描(Binance热门币种)
python3 scripts/market_scanner.py --gainers --limit 10

# 恐惧&贪婪指数
python3 scripts/fear_greed.py

策略工具

# DCA定投计划
python3 scripts/dca_calculator.py --total 5000 --frequency weekly --duration 180 --current-price 70000

# 仓位计算(2%风控)
python3 scripts/position_sizer.py --balance 10000 --risk 2 --entry 70000 --stop-loss 67000

标准分析流程

当用户说"分析BTC"或"帮我看看行情"时:

Step 1 - 价格 & 趋势

# OKX 4H周期完整分析
python3 scripts/okx_analyst.py BTC-USDT --timeframe 4H

# Binance 1H作为辅助确认
python3 scripts/binance_market.py --symbol BTCUSDT --klines 1h --limit 50

Step 2 - 资金面

# 巨鲸动向
python3 scripts/whale_tracker.py --symbol BTCUSDT

# 交易所资金费率(判断多空情绪)
python3 scripts/binance_market.py --symbol BTCUSDT --funding

Step 3 - 市场情绪

# 恐惧&贪婪
python3 scripts/fear_greed.py

Step 4 - 策略输出 综合以上给出:

  1. 当前信号(看涨/看跌/中性)
  2. 关键支撑/阻力位
  3. 入场区间
  4. 止损/止盈建议
  5. 仓位大小(风控)
  6. 风险提示

信号强度说明

强度信号建议
+8以上🟢 强烈看涨积极做多
+5~+7🟡 温和看涨轻仓试多
+2~+4🔵 轻微看涨观望
-1~+1⚪ 中性不操作
-2~-4🟠 轻微看跌轻仓试空
-5以下🔴 强烈看跌不做多

跨交易所对比

使用 cross_exchange.py 检测 OKX vs Binance 价差,超过0.1%提示套利机会。

风险控制规则

  1. 单笔交易风险 ≤ 账户2%
  2. 总持仓 ≤ 账户50%
  3. 永远带止损
  4. 恐惧&贪婪指数 ≥ 75(极度贪婪)时不做多
  5. 巨鲸卖出信号 + RSI超买 → 谨慎

配置文件

OKX API Key 配置在 .env

OKX_API_KEY=your-key
OKX_API_SECRET=your-secret

依赖

pip install requests pandas numpy python-dotenv akshare

Comments

Loading comments...