Free A Share Real Time Data
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to be a coherent market-data helper for mootdx/TDX, with the main caution being that its user-run setup script installs an unpinned third-party Python package and patches a mootdx dependency at runtime.
This skill looks safe for its stated purpose of fetching public China A-share market data. Before installing, run it in a virtual environment if possible, review the mootdx dependency you are installing, and be aware that the script patches tdxpy's trading-hour check to allow calls that the library might otherwise block.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup can install new third-party Python code into the user's environment.
The user-run setup script installs the mootdx package from the Python package index without a pinned version or lockfile. This is expected for a mootdx-based skill, but it means the installed code depends on external package provenance.
subprocess.check_call([sys.executable, "-m", "pip", "install", "mootdx"])
Install in a virtual environment, consider pinning a reviewed mootdx version, and use trusted package indexes.
The tool may make TDX transaction-data calls at times when the underlying library would normally suppress them.
The skill explicitly changes a dependency's trading-hour check so transaction APIs can run despite timezone differences. This is disclosed and aligned with the market-data purpose, but it bypasses a built-in guard.
Monkey-patch `tdxpy.hq.time_frame` to always return `True`: `tdxpy.hq.time_frame = lambda: True`
Use the patch only when needed for timezone-related access, and keep this behavior isolated to the process or environment where the skill is used.