ClawHub

Skills of A-share performance data released by ft.tech.

v1.0.0

A 股业绩大全技能集。覆盖业绩快报、业绩预告、现金流量表、利润表、资产负债表(单票历期与指定报告期全市场,market.ft.tech)。用户询问业绩快报、业绩预告、三表、单票或全市场某报告期时使用。

0· 82·0 current·0 all-time
by@shawn92
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: each sub-skill issues simple HTTP GETs to market.ft.tech to retrieve specified financial reports. No unrelated environment variables, binaries, or configuration paths are required.
Instruction Scope
SKILL.md instructs the agent to call run.py which dispatches to per-subskill handlers. The handlers only accept CLI args and perform GET requests to the documented endpoints; they do not read arbitrary files, environment variables, or send data to other endpoints.
Install Mechanism
No install spec is provided (instruction-only packaging with included scripts). No downloads or package installations are performed by the skill itself, so there is low install-time risk.
Credentials
The skill declares no required env vars, credentials, or config paths. Handlers do not access environment-sensitive data. Requested inputs are limited to stock/report parameters, which are proportional to the task.
Persistence & Privilege
always is false and the skill does not modify other skills or system configuration. It runs only when invoked and does not request persistent privileges.
Assessment
This skill appears to do exactly what it claims: run included Python scripts that query https://market.ft.tech for A‑share financial reports. Before installing, consider: (1) the skill makes network calls to market.ft.tech — confirm you trust that external service and its privacy/usage terms; (2) avoid passing any sensitive secrets or credentials as CLI parameters (the handlers forward whatever arguments they receive); and (3) because the skill executes Python code included in the bundle, review the files locally if you want extra assurance. There are no odd environment or install requirements and no evidence of data exfiltration beyond the documented API calls.

Like a lobster shell, security has layers — review code before you run it.

latestvk9731dqd52exvwphypf7acjzfn83hfpf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments