ClawHub

Skills of convertible bond data released by ft.tech.

v1.0.2

A 股可转债数据技能集(market.ft.tech)。覆盖可转债全量列表、单只可转债基础信息(转股价、转股价值、到期日、发行规模等)、单标的历史 K 线(支持可转债)。用户询问可转债列表、某只转债详情、转股价/转股价值、转债 K 线/历史行情时使用。

46· 273·0 current·0 all-time
by@shawn92
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and SKILL.md: all handlers call https://market.ft.tech endpoints to fetch convertible-bond lists, base data, candlesticks, or trade-date info. No unrelated binaries, env vars, or services are requested.
Instruction Scope
SKILL.md instructs the agent to execute run.py which in turn runs local handler scripts; those handlers only build HTTP requests to market.ft.tech and print JSON. They do not read arbitrary files, access extra env vars, or transmit data to other endpoints. Note: the skill runs local Python scripts (sub-skills) via subprocess, which is expected for this architecture.
Install Mechanism
No install spec or external downloads. The skill is instruction+script based and relies on standard Python library (urllib); nothing is written to disk at install time beyond the existing files.
Credentials
The skill declares no required environment variables, credentials, or config paths. All HTTP calls are unauthenticated to the documented market.ft.tech endpoints, matching the stated purpose.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. The skill can be invoked autonomously (default), which is normal for skills; this combined with no broad credentials keeps risk low.
Assessment
This skill appears internally consistent: it executes local handler scripts that call https://market.ft.tech to fetch convertible-bond data and does not request secrets or install software. Before installing, confirm you trust the source and the market.ft.tech domain (the skill will make network requests to it). Also ensure the skill files come from a trusted publisher because run.py executes the local sub-skill scripts—if those files were tampered with, they could perform other actions. If you need stricter control, run the scripts in an isolated environment or review the handler code line-by-line (the repository is short and readable).

Like a lobster shell, security has layers — review code before you run it.

latestvk9798ajcmqbm5j9znatewcnnbn837jy4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments