TuShare Stock Skill
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent Tushare A-share data skill that uses your Tushare token and network access as expected for stock-data queries.
Before installing, make sure you are comfortable giving the skill a Tushare token and letting it call Tushare APIs for requested stock data. Use a virtual environment for the Python packages, keep any token env file minimal, and watch quota-consuming or permission-gated requests.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use your Tushare account token to retrieve stock data and may consume API quota or access paid/permissioned data available to that token.
The script uses the user's Tushare token to authenticate API requests. This is expected for the stated Tushare integration, but it means the skill can consume the user's Tushare account access and quota.
token = os.environ.get("TUSHARE_TOKEN") ... return ts.pro_api(token)Use a Tushare token intended for this purpose, avoid sharing it in prompts, and keep any env file limited to the TUSHARE_TOKEN value.
When invoked, the agent may send stock query parameters to Tushare and retrieve market or company data on your behalf.
The skill exposes commands that make network API calls to Tushare based on user requests. This is central to the stock-data purpose and is disclosed.
`run`、`fetch`、`analyze` 会访问 Tushare 网络接口
Review high-volume, deep, or gated data requests before running them, especially if your Tushare account has limited quota or paid permissions.
Dependency updates or package-source issues could change behavior at install time, even though these packages are normal for the skill's purpose.
The dependency list uses unpinned package names without versions or hashes, so installing later may fetch different package versions than the author tested.
pandas tushare requests beautifulsoup4
Install in a virtual environment and consider pinning or reviewing dependency versions before use.