ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

A Stock Digest

v1.0.0

Provides A-share stock daily signals scoring and hotspot theme identification for pre-market briefs and real-time alerts.

0· 71·0 current·0 all-time
by@cloudgg82-blip

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cloudgg82-blip/a-stock-digest.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "A Stock Digest" (cloudgg82-blip/a-stock-digest) from ClawHub.
Skill page: https://clawhub.ai/cloudgg82-blip/a-stock-digest
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install a-stock-digest

ClawHub CLI

Package manager switcher

npx clawhub@latest install a-stock-digest
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The description says it provides A-share signals and hotspot identification, which matches the SKILL.md content, but the instructions reference external tooling (an RSS 'feed CLI'), a Feishu-related script (commands/candidate_pool_feishu.py) and specific workspace paths. The skill's metadata declares no required binaries or credentials, which is inconsistent: a Feishu integration and feed CLI would normally require tokens/APIs and a binary or script. This mismatch suggests missing declared requirements.
!
Instruction Scope
The runtime instructions tell the agent to run a Python script in ~/.openclaw/workspace/lib/a-stock-digest/.venv and to read/write files under ~/a-digest/. Because this is an instruction-only skill with no bundled code, it effectively instructs the agent to execute local code (if present) and access user home directories. That grants broad filesystem access in practice and relies on unspecified local scripts and environment — the instructions assume local artifacts that are not included or declared.
Install Mechanism
There is no install spec and no code files bundled, so nothing will be downloaded or installed by the skill itself. This minimizes supply-chain risk from the skill package, but shifts risk to whatever local scripts/tools the instructions call.
!
Credentials
The SKILL.md references Feishu and an RSS feed CLI but the skill requests no environment variables or credentials. Integrations with Feishu (or other messaging/APIs) normally require tokens or webhooks; the absence of declared credentials is disproportionate or incomplete. The skill also references user home paths — access to those directories would be needed but is not declared in metadata.
Persistence & Privilege
The skill is not marked always:true and is user-invocable only. It documents cron schedules and local storage paths, implying periodic operation, but it does not itself install cron jobs or persist configuration. There is no elevated platform privilege requested by the skill metadata.
What to consider before installing
This skill is instruction-only and expects local scripts/tools that are not included or declared. Before installing or running it: 1) Inspect the local paths mentioned (~/.openclaw/workspace/lib/a-stock-digest and ~/a-digest) and the file commands/candidate_pool_feishu.py — do not run unknown Python scripts without review. 2) Verify whether you have a 'feed CLI' and Feishu/webhook credentials and where they are stored; the skill does not declare needed env vars or tokens. 3) If you plan to run its cron schedule, add cron entries yourself only after auditing the called scripts. 4) Prefer to obtain the full source (or a trusted package) that contains the referenced scripts; ask the publisher for missing installation and credential instructions. 5) If you do run the skill, run it in an isolated environment (container or VM) and avoid exposing production credentials until you confirm exactly what the scripts do.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fp1ebf9842nmsm8sne72b9n84c8wn
71downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@cloudgg82-blip
latest
Download

A股热点识别系统

A股量化信号打分 + 热点主题识别。Use when: (1) 用户请求A股日报/热点/信号 (2) 定时任务触发 (3) 盘中告警

系统架构

RSS源(英为财情) → feed CLI → 信号打分(0-100) → 主题识别 → 分类输出
                                           ↓
                            ┌─────────────┴─────────────┐
                          ≥75                          60-74
                         (alert)                      (brief)
                          ↓                              ↓
                       盘中告警                     盘前简报重点

信号打分模型

维度权重说明
催化强度0-40政策/业绩/订单/并购/负面
时间敏感度0-20盘中/盘前/盘后/旧闻
资金印证0-25涨停/资金流入/异动
舆情一致性0-15多源一致/单一来源

阈值

  • ≥75:盘中告警 + 观察池
  • 60-74:盘前简报重点
  • <60:收录但不打扰

热点主题识别

覆盖 15+ 核心主题:

  • AI算力、新能源车、半导体、医药医疗
  • 低空经济、人形机器人、光通信、存储
  • 并购重组、券商银行、地产基建、军工等

Commands

# 手动生成盘前Brief
cd ~/.openclaw/workspace/lib/a-stock-digest && .venv/bin/python3 commands/candidate_pool_feishu.py

# 查看今日简报
cat ~/a-digest/brief/pre_$(date +%Y%m%d).md

Cron 任务

任务时间内容
盘前Brief08:00信号打分+热点主题+观察池
盘后复盘15:20轮动复盘+命中率+明日预案

本地存储

~/a-digest/
├── raw/        # 原始数据
├── seen/       # 已处理ID (去重)
├── brief/      # 简报
├── alerts/     # 告警
└── review/    # 复盘

更新日志

  • 2026-03-04: 集成热点主题识别,支持15+主题

Comments

Loading comments...