ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

股票全面分析v3

v3.0.0

股票全面分析 v3.0 - 港股/美股/A股 + 富途数据源 + 技术指标(RSI/MACD) + 多源新闻 + 财报分析 + 7大板块报告

0· 307·0 current·0 all-time
by@gaoren36-arch

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for gaoren36-arch/gaoren-stock-analyst.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "股票全面分析v3" (gaoren36-arch/gaoren-stock-analyst) from ClawHub.
Skill page: https://clawhub.ai/gaoren36-arch/gaoren-stock-analyst
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install gaoren-stock-analyst

ClawHub CLI

Package manager switcher

npx clawhub@latest install gaoren-stock-analyst
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the code: the repository implements market quotes, technical indicators, news aggregation and financial analysis for HK/A/US markets and calls reasonable external data endpoints (qt.gtimg.cn, finnhub.io, futunn.com, ai.6551.io, eastmoney search, etc.). Declared requirement 'python' is correct. SKILL.md declares 'browser' capability (for futu scraping) although most code uses HTTP requests; the browser capability is plausible but not strictly required by many files.
!
Instruction Scope
Runtime instructions and code make outgoing network calls to multiple third‑party services for quotes and news (expected for this skill) but also access environment variables and include test scripts that try to read tokens (e.g., LONGBRIDGE_ACCESS_TOKEN). The SKILL.md does not declare those env vars. Multiple files embed a hard-coded Finnhub API key and the main Python modules will use an environment override (FINNHUB_API_KEY) if present — this mismatch between declared requirements and actual runtime behavior is concerning and should be reviewed.
Install Mechanism
No install spec; code is instruction-and-script based and relies on Python and requests. That is low risk from an install-download perspective (nothing is pulled from arbitrary URLs at install time).
!
Credentials
No required env vars were declared, yet code contains a hard-coded Finnhub key ('d6nucg1r01qse5qn5e90d6nucg1r01qse5qn5e9g') used in many files (analyze_stock.py, company_info.py, report_v2.py, report_v3.py, jd_logistics.py, test_stock.py, stock_analyst.py default fallback). Some test files also read LONGBRIDGE_ACCESS_TOKEN from the environment. Asking for or embedding API keys without declaring them is disproportionate and may expose a leaked/shared key or cause unexpected network access; the skill should instead declare required credentials and document how keys are used.
Persistence & Privilege
Skill is not 'always' included and is user-invocable. It does not request elevated or cross-skill configuration, and there is no install-time modification of other skills or system settings observed.
Scan Findings in Context
[HARDCODED_API_KEY_FINNHUB] unexpected: Multiple files contain a hard-coded Finnhub API token string. While the skill legitimately needs market-API access, embedding a secret in code instead of using a declared env var is unexpected and raises concerns about key ownership and misuse.
What to consider before installing
What to consider before installing/using this skill: - Hard-coded API key: The code contains a Finnhub API token baked into many scripts. That may be a demo/shared key or a leaked secret; do not assume it's safe. Prefer replacing it with your own FINNHUB_API_KEY stored in environment variables and confirm the key's permissions and rate limits. - Undeclared environment usage: Some test scripts reference LONGBRIDGE_ACCESS_TOKEN and the main code will use FINNHUB_API_KEY if present — but the SKILL metadata declares no required env vars. Expect the skill to access network endpoints; review which tokens you provide. - Network access: The skill makes many outgoing HTTP requests to third-party services (qt.gtimg.cn, finnhub.io, futunn.com, ai.6551.io, eastmoney search, longbridge APIs). Run it in a sandbox or with network monitoring if you are cautious. - Remove or inspect test scripts: Several test_* and debug_* files perform additional API calls and could be run accidentally. Consider removing or auditing them before execution. - Source trust: The package lists an unknown source and no homepage. If possible, obtain the code from a trustworthy upstream (or contact the author) and verify the provenance. If you want to use this skill safely: run it in an isolated environment, set your own API keys via environment variables (do not rely on the embedded key), and remove or disable test/debug scripts that you do not need.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython
latestvk97491r4qgyzzgygrzgkv90fzs836pxr
307downloads
0stars
1versions
Updated 14h ago
v3.0.0
MIT-0
@gaoren36-arch
latest
Download

Stock Analyst v3.0 - 股票全面分析系统

简介

专业股票分析系统,支持港股、美股和A股全面分析。

数据源

市场主要数据源备用
港股富途牛牛 (浏览器)腾讯财经
美股Finnhub API富途
A股腾讯财经API-

新闻来源 (多源)

  1. 富途新闻 - 实时个股新闻
  2. 6551科技新闻 - 市场热点
  3. 财经门户 - 综合财经资讯

功能特性

1. 实时行情

  • 价格、涨跌幅
  • 总市值、市盈率
  • 52周高低点
  • 资金流向

2. 技术指标

  • RSI(14) - 相对强弱指标
  • MACD - 指数平滑异同移动平均线
  • MA(5/10/20) - 移动平均线
  • 支撑/阻力位分析

3. 财报分析

  • P/E (市盈率) 估值
  • P/B (市净率) 估值
  • ROE (净资产收益率)
  • 毛利率、净利率
  • 资产负债率
  • 估值评分 (低估/合理/高估)

4. 新闻分析 (多源)

  • 实时新闻抓取
  • 情绪分析 (利好/利空/中性)
  • 热点追踪

5. 综合报告 (7大板块)

  1. 基本信息
  2. 实时行情
  3. 技术指标
  4. 同类公司对比
  5. 行业背景
  6. 新闻分析
  7. 综合判断与操作建议

支持的股票

港股

03998 波司登 | 01833 平安好医生 | 06060 众安在线 | 00700 腾讯 | 09988 阿里巴巴

美股

JD 京东 | BABA 阿里巴巴 | TSLA 特斯拉 | AAPL 苹果 | NVDA 英伟达

A股

601857 中国石油 | 600519 贵州茅台 | 300750 宁德时代 | 002594 比亚迪

使用方式

分析 03998
查一下波司登
分析港股 01833

报告示例

=================================================================
  股票全面分析报告 - 03998
=================================================================

1️⃣ 基本信息
股票名称: 波司登国际控股有限公司
股票代码: 03998
市场: 港股

2️⃣ 实时行情
当前价格: HK$4.13
涨跌幅: +0.98%
市盈率: 12.33

3️⃣ 技术指标
RSI(14): 58.5
MACD: 0.0234
MA5: 4.12

4️⃣ 同类公司对比
(见富途)

5️⃣ 行业背景
羽绒服行业龙头

6️⃣ 新闻分析
情绪: 利好
近期3条利好

7️⃣ 综合判断
评分: 72/100
评级: 建议买入

=================================================================

版本历史

  • v3.0.0: 多源新闻 + 财报分析 + 7大板块报告
  • v2.1.0: 富途数据源
  • v1.0.0: 初始版本

Comments

Loading comments...