小五子 - 理财分析

v1.0.0

监测黄金、债券等资产，捕捉滞胀信号，自动分析宏观环境并推送预警至Feishu平台。

⭐ 0· 98·0 current·0 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tonicpopo/xiaowuzi-gene-financial.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "小五子 - 理财分析" (tonicpopo/xiaowuzi-gene-financial) from ClawHub.
Skill page: https://clawhub.ai/tonicpopo/xiaowuzi-gene-financial
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install xiaowuzi-gene-financial

ClawHub CLI

Package manager switcher

npx clawhub@latest install xiaowuzi-gene-financial

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill claims it will monitor market assets (gold, bonds) and push alerts to Feishu, but the package declares no required environment variables, API keys, or data-source configuration. A legitimate implementation would normally require market-data API credentials and a Feishu webhook/token; their absence is unexplained.

Instruction Scope

SKILL.md is a short, high-level workflow with no concrete runtime steps, no specified data sources, no authentication method for Feishu, and no safeguards. Because it gives the agent broad, unspecified goals, an implementation could reasonably attempt to use any available network endpoints or existing credentials unless further constrained.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files — lowest install risk (nothing is written to disk by an installer).

Credentials

No credentials or config paths are declared despite the stated need to push alerts to Feishu and to access market data. This mismatch is disproportionate: at minimum a Feishu webhook/ token and market-data API keys would normally be required but are not listed.

✓

Persistence & Privilege

always:false (no forced persistent inclusion). disable-model-invocation is false (agent may call the skill autonomously) — this is the platform default and not by itself problematic given the other concerns.

What to consider before installing

This skill is vague about how it would work and omits the credentials and data sources it would need. Before installing, ask the publisher to provide: (1) a concrete SKILL.md that lists required environment variables (e.g., FEISHU_WEBHOOK or FEISHU_TOKEN and the market-data API key names), exact endpoints, and example requests; (2) whether the skill will store or transmit your credentials and where; and (3) which market-data providers it uses. Prefer providing a dedicated, least-privilege Feishu webhook (not a full account token) and scoped market-data keys, test the skill in a sandboxed environment first, and do not grant unrelated cloud or admin credentials. If the publisher cannot supply concrete runtime details, treat the skill as risky and avoid installing it.

Like a lobster shell, security has layers — review code before you run it.

bondvk971ewyab1dbynpqqc1761csp983ssgjfinancevk971ewyab1dbynpqqc1761csp983ssgjgoldvk971ewyab1dbynpqqc1761csp983ssgjlatestvk971ewyab1dbynpqqc1761csp983ssgjxiaowuzivk971ewyab1dbynpqqc1761csp983ssgj

98downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

# 理财分析工作流 (Financial Analysis)

专注于市场宏观信号的捕捉与自动化交易逻辑分析。

1. 多资产监测：覆盖黄金 (Gold)、债券 (Bond) 等核心资产。

2. 滞胀信号捕捉：针对复杂宏观环境设计的监控逻辑。

3. 自动预警：支持将实时分析结论推送到 Feishu 等平台。

Comments

Loading comments...