ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

FN Portrait Toolkit

v3.0.1

Financial report footnote extraction and analysis tool for Chinese A-share listed companies. Use when: (1) User wants to extract financial note data from ann...

0· 58·0 current·0 all-time
by@mapufan

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mapufan/fn-portrait.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "FN Portrait Toolkit" (mapufan/fn-portrait) from ClawHub.
Skill page: https://clawhub.ai/mapufan/fn-portrait
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install fn-portrait

ClawHub CLI

Package manager switcher

npx clawhub@latest install fn-portrait
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md match the declared purpose: crawling CNINFO, extracting footnotes, running semantic LLM analysis, and generating charts. Requiring LLM access (DeepSeek/Moonshot) or a local Ollama model is coherent with the analysis step. However the registry metadata claims no required env vars/credentials while the instructions and code explicitly rely on DEEPSEEK_API_KEY or KIMI_API_KEY (or a local Ollama). That mismatch reduces transparency.
!
Instruction Scope
Runtime instructions and the bundled scripts will: (1) download PDFs from CNINFO over the network, (2) extract text and create local Excel/PNG outputs, and (3) send extracted textual content to external LLM APIs (deepseek/moonshot) when those keys are provided. The pipeline therefore transmits possibly large portions of company documents to third-party services unless you intentionally run a local Ollama model — this is outside a simple 'local extraction' scope and has privacy/exfiltration implications.
Install Mechanism
There is no install script that downloads arbitrary binaries; the archive is instruction+code bundled with a requirements.txt of common Python packages. No remote install URLs or extract-from-unknown-host steps were included in the manifest. Installation risk is typical for a Python package and limited to pip package installation.
!
Credentials
The skill requires API keys for external LLM providers (DEEPSEEK_API_KEY, KIMI_API_KEY) per SKILL.md and uses environment variables in code, but registry metadata lists no required env vars or primary credential. That omission is an inconsistency. Also these env vars cause extracted document text to be sent to remote services — sensitive if you expect processing to be local.
Persistence & Privilege
The skill is not force-included (always: false) and does not request elevated system-wide privileges. It writes output files to user-specified directories and the default ~/.openclaw/skills path, which is normal for a skill. Autonomous invocation is allowed by default but not by itself a red flag here.
What to consider before installing
This skill bundles Python scripts that: download annual-report PDFs from CNINFO, extract footnote text, and run LLM-based semantic analysis. Important points before installing: 1) The SKILL.md and code expect DEEPSEEK_API_KEY or KIMI_API_KEY (remote LLMs) or a local Ollama; the registry metadata incorrectly lists no required env vars — treat that as a transparency gap. 2) If you supply DEEPSEEK_API_KEY or KIMI_API_KEY, the skill will send extracted company texts to those external APIs — only do this if you trust their privacy and handling of uploaded data. 3) To avoid sending data off-host, use Ollama/local model or inspect/modify the code to disable remote API calls. 4) Run the skill in an isolated environment (VM/container) if you cannot fully review the code, and verify network activity during a test run. 5) If you need the skill but want more assurance, ask the publisher for a homepage/source repo, or request that the manifest explicitly list required env vars and a privacy note explaining what data is sent to remote services.

Like a lobster shell, security has layers — review code before you run it.

analysisvk9742pr8pahseth60b54ds9awn85qec1financevk9742pr8pahseth60b54ds9awn85qec1latestvk9742pr8pahseth60b54ds9awn85qec1llmvk9742pr8pahseth60b54ds9awn85qec1portraitvk9742pr8pahseth60b54ds9awn85qec1
58downloads
0stars
2versions
Updated 14h ago
v3.0.1
MIT-0
@mapufan
analysisfinancelatestllmportrait
Download

FN Portrait Toolkit

Financial report footnote extraction and analysis tool for Chinese A-share listed companies.

Quick Start

Prerequisites

Install Python dependencies:

uv pip install pandas openpyxl requests matplotlib numpy pillow pdfplumber filelock

Configure LLM (Choose one)

Option A: DeepSeek (Recommended for China)

export DEEPSEEK_API_KEY=sk-...

Option B: Moonshot

export KIMI_API_KEY=sk-...

Option C: Ollama (Local, no API key needed)

# Install and start Ollama
ollama pull gemma3:1b
ollama serve

Run Analysis

# Basic usage
python ~/.openclaw/skills/fn-portrait/scripts/fn_pipeline.py <stock_code> <company_name>

# Full example
python ~/.openclaw/skills/fn-portrait/scripts/fn_pipeline.py 688018 乐鑫科技 2023-2025 科创板

Parameters:

  • stock_code: 6-digit stock code (e.g., 688018)
  • company_name: Chinese company name (e.g., 乐鑫科技)
  • years: Year range (default: 2023-2025, format: YYYY or YYYY-YYYY)
  • plate: Stock exchange plate (default: 科创板, options: 科创板/创业板/沪主板/深主板)

Pipeline Steps

  1. Download PDFs - Fetch annual reports from CNINFO (巨潮资讯网)
  2. Extract Data - Parse financial footnotes using pdfplumber
  3. LLM Analysis - Semantic analysis of financial data
  4. Generate Portrait - Create visualization charts

Output Files

  • portraits/Portrait_<code>_<name>.png - Final visualization chart
  • output2/<code>_<name>/ - Extracted Excel data
  • output2/<code>_<name>/<code>_<name>_LLM分析结果.xlsx - LLM analysis results
  • RAWPDF/<name>PDF/ - Downloaded PDF files

Supported Financial Items

Balance Sheet Notes

  • Current Assets: 货币资金, 交易性金融资产, 应收票据, 应收账款, 存货分类
  • Non-current Assets: 固定资产情况, 在建工程, 商誉

Income Statement Notes

  • Revenue: 营业收入, 营业成本, 境内外毛利率
  • Expenses: 管理费用, 销售费用, 财务费用, 研发费用

Cash Flow Notes

  • Operating activities
  • Investing activities
  • Financing activities

Advanced Usage

Skip Steps

python fn_pipeline.py 688018 乐鑫科技 --skip-download  # Use existing PDFs
python fn_pipeline.py 688018 乐鑫科技 --skip-extract   # Use existing extracted data
python fn_pipeline.py 688018 乐鑫科技 --skip-llm       # Skip LLM analysis
python fn_pipeline.py 688018 乐鑫科技 --skip-portrait  # Skip chart generation

Custom Directories

python fn_pipeline.py 688018 乐鑫科技 --rawpdf-dir /path/to/pdfs --output-dir /path/to/output

Troubleshooting

Ollama Connection Error

Ensure Ollama is running: ollama serve

PDF Download Fails

Check internet connection and CNINFO website accessibility

Missing Fonts

Fonts are bundled in assets/fonts/. If display issues occur, install Noto CJK fonts system-wide.

References

Comments

Loading comments...