ClawHub

云梦A股数据获取Skill

v1.0.0

获取A股市场资金流向、新闻、筹码分布、龙虎榜及涨停板等多维度数据,支持单只股票详情查询。

1· 707·9 current·10 all-time
by冢猫@glory904649854
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and SKILL.md. The Python code issues HTTP requests to EastMoney and Sina endpoints (expected sources for A‑share data) and implements the functions described (fund flow, news, chip distribution,龙虎榜, 涨停板, etc.).
Instruction Scope
SKILL.md instructs standard install/use patterns and documents network dependence. It does not ask the agent to read unrelated system files or to access credentials; behavior described (and implemented) stays within the data‑collection scope.
Install Mechanism
No remote arbitrary download/install is used; packaging is standard Python (pip editable install, setup.py). Dependencies are common PyPI libraries (pandas, requests, beautifulsoup4). The presence of a package.json is odd (Node metadata in a Python package) but not a security risk by itself.
Credentials
The skill requires no environment variables, no credentials, and references only public HTTP APIs. No sensitive system paths or unrelated service credentials are requested.
Persistence & Privilege
Flags show always: false (not forced into every agent run) and model invocation is allowed (the normal default). The package installs an entry point/console script but does not attempt to modify other skills or system configurations.
Assessment
This skill appears coherent and implements what it claims: it scrapes/fetches A‑share data from EastMoney and Sina using standard Python libraries and does not request secrets. Before installing: (1) review or run the code in a sandbox to confirm it only calls the documented endpoints and to see where CSV files are written (README mentions a results/ directory); (2) be aware it will perform network requests—do not run it in environments with strict data/network policies; (3) note minor packaging oddities (package.json present, entry_point name may not match packaging layout) — you may want to inspect run_all and file‑write behavior in index.py to confirm file locations and frequency. If you plan to allow autonomous invocation by agents, consider the usual caution: the skill can make outbound network calls and write files, so limit its permissions or run in an isolated environment if you have sensitive data on the host.

Like a lobster shell, security has layers — review code before you run it.

latestvk972rwg2myv0h22ypyqbhade8h82a075

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments