ClawHub

SaffronAI ETF Data

v1.0.0

Fetch Indian ETF tracker data (symbol, lastPrice, iNAV, timestamps) from SaffronAI (saffronai.in) and return it as JSON or filtered rows. Use when the user a...

0· 108·0 current·0 all-time
by@subscriptionmanager26-png
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The code and SKILL.md align with the stated purpose (fetch ETF CSV from saffronai.in and convert/filter it). One minor inconsistency: the Python script invokes the external 'curl' binary but the skill metadata lists no required binaries; the skill should declare 'curl' as a dependency or use a pure-Python HTTP client.
Instruction Scope
Runtime instructions are narrowly scoped to fetching the public endpoint, parsing CSV, and returning filtered rows/JSON/CSV. The instructions do not ask the agent to read unrelated files, environment variables, or exfiltrate data to other endpoints.
Install Mechanism
No install spec — the skill is delivered as a small Python script and README. There are no downloads or extract steps and no third-party package installs in the manifest.
Credentials
The skill requires no credentials or environment variables. This is appropriate for accessing a public HTTP endpoint that requires no auth.
Persistence & Privilege
The skill is not always-on and is user-invocable. It allows autonomous invocation (the platform default), which is expected behavior for skills and is not excessive here.
Assessment
This skill appears coherent and limited to fetching public ETF data from saffronai.in and converting/filtering it. Before installing: (1) ensure the host environment has 'curl' on PATH (or update the skill to declare that dependency or use Python requests); (2) be aware the script makes network requests to saffronai.in — if that site were compromised it could return unexpected data; (3) review the included Python file if you need stricter validation (it keeps values as strings and does minimal validation); and (4) note the script uses subprocess to run curl, so ensure no untrusted 'curl' wrapper is present on your system. No credentials are requested by this skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bmqrf2wyjah2m13h5q6rh9183dr68

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments