沪深300多因子投研系统 v5.1

The skill bundle contains hardcoded, plaintext credentials for JQData (username/phone and password) and a Tushare Pro API token across multiple files, including jq_config.py, tushare_config.py, call_auction_analysis.py, and full_analysis_v5.py. While the code appears to be a legitimate financial analysis tool for the Hushen 300 index and includes comprehensive modules for risk management and factor calculation, the inclusion of active third-party credentials in a distributable package is a significant security risk and highly irregular. No evidence of intentional data exfiltration or malicious backdoors was found, but the credential exposure warrants a suspicious classification.