Qc Order Forensics

v1.0.0

Forensic diagnosis engine for backtest order data — trade quality, ROI attribution, monthly cashflow, drawdown root-cause analysis, and LLM-readable reports.

⭐ 0· 98·0 current·0 all-time

by@tltby12341

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

Name/description, SKILL.md, and forensics.py align: it reads orders.csv and optional result.json and produces diagnostics. Declared runtime (python3) and requirements (pandas, numpy) are appropriate for this purpose.

✓

Instruction Scope

Runtime instructions and examples only reference local files (orders.csv, result.json) and producing an LLM-readable report. SKILL.md does not instruct reading unrelated system files or sending data to external endpoints.

✓

Install Mechanism

No install spec (instruction-only) and included requirements.txt is reasonable. Because there's no automated install, the user/agent must ensure pandas/numpy are available; there is no download-from-URL or extraction behavior to review.

✓

Credentials

No environment variables, credentials, or config paths are requested. The skill appears to operate on local CSV/JSON inputs only.

✓

Persistence & Privilege

always:false and no special privileges requested. The skill does not ask to modify other skills or system settings. Autonomous invocation is allowed by default (platform behavior) but is not combined with other red flags.

Assessment

This skill appears to be a local Python tool that analyzes QuantConnect-style order CSVs and optional result.json. Before installing/running: 1) Run it in an isolated environment (virtualenv/container) and install pandas/numpy per requirements.txt. 2) Test on non-sensitive sample CSVs to confirm outputs; the code has some non-security bugs (e.g., cashflow sign/aggregation logic) that can affect results. 3) Review the full forensics.py file yourself (the listing provided to me was truncated) to ensure there are no unexpected network calls or hidden behavior in the unseen portion. 4) If you want to limit risk, disable autonomous invocation for this skill or require explicit user invocation. 5) Do not feed production PII or secret account files into the tool until you’ve validated the full source and outputs.

Like a lobster shell, security has layers — review code before you run it.

latestvk975tv9490ccbyt27393zd4e2x832ptp

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis

Binspython3

Qc Order Forensics

License

Runtime requirements

Comments