Investor Education Workflow

The skill's declared purpose (produce and distribute investor-education content) matches its instructions and requirements; no unrelated credentials or installs are requested, but it writes to local knowledge directories, invokes other skills, and can run shell/web actions so you should review downstream skills and data-handling policies before use.

This skill appears internally coherent for producing investor-education content, but review these before installing: - Storage & privacy: The workflow saves customer Q&A and generated content into knowledge/investor-education/raw/ and wiki/ — if those records can contain personal data, confirm retention, redaction, and access controls. Consider seeding the knowledge directory in a controlled way before real data is used. - Downstream skills: The SKILL.md delegates formatting/publishing to expression-layer and uses search helpers (searxng, url-to-markdown). Audit those skills/endpoints to ensure they don't leak content to untrusted external services or require credentials you don't want to share. Verify how expression-layer publishes (e.g., WeChat/HTML/PNG) and what external APIs it calls. - Shell/Web capabilities: Allowed-tools include Exec/Bash/WebSearch. If your agent environment allows shell execution, confirm sandboxing limits so the skill cannot run arbitrary commands outside the knowledge paths. - Compliance behavior: The skill intentionally 'soft-transforms' red-line requests (e.g., 'recommend this fund') into educational content rather than hard refusal. Confirm that this approach meets your legal/regulatory obligations and that the transformation logic is implemented safely (no accidental giving of actionable investment advice). - Testing: Test the skill in a safe environment with non-sensitive example queries, verify the search-source restrictions are actually applied, validate intent/mold/audience parameter propagation to expression-layer, and inspect what gets persisted to the wiki before enabling on production data. If you cannot audit the downstream skills or control where generated content is published, treat the skill as higher risk and do not enable it for sensitive data or autonomous operation.