ClawHub

multi-factor-strategy

v1.0.0

Guide users to create multi-factor stock selection strategies and generate independent YAML configuration files

3· 3.8k·15 current·15 all-time
by@wumu2013
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the SKILL.md: it guides users to design multi-factor stock-selection strategies and produce YAML configs. The instructions reference QuantCLI and factor files under a local factors/ or alpha101/ directory, which is coherent for this purpose.
Instruction Scope
Instructions tell the user/agent how to install quantcli (pip or git clone) and how to run quantcli filter run -f your_strategy.yaml. They reference local paths (factors/, {baseDir}/alpha101) and expect the user to provide YAML and factor files — this is expected but means the agent will operate on local files the user supplies. No instructions request arbitrary system files, secrets, or exfiltration.
Install Mechanism
The registry has no install spec (instruction-only). SKILL.md recommends pip install quantcli (PyPI) or cloning from gitcode.com. Using PyPI is standard; cloning from a less-known git host (gitcode.com) is a minor provenance note to verify if you choose the source install.
Credentials
The skill declares no required environment variables, credentials, or config paths and the instructions do not ask for secrets. (Be aware that quantcli or your data provider may later require API keys or credentials, but those are external to this skill and not requested here.)
Persistence & Privilege
always is false and there is no install-time behavior declared. This instruction-only skill does not request persistent or elevated agent presence.
Scan Findings in Context
[no-regex-findings] expected: The static scanner found no matches because this is an instruction-only skill with no code files; that is expected and not evidence of safety by itself.
Assessment
This skill is coherent: it helps craft QuantCLI YAMLs and instructs installing/running QuantCLI. Before installing/using: (1) prefer pip install quantcli from PyPI and verify the package's provenance and recent release history; (2) be cautious if you clone from an unfamiliar Git host (gitcode.com)—inspect the source first; (3) review any generated YAML and factor files before running them, since running quantcli will execute code against your data and local filesystem; (4) expect that QuantCLI or your data feeds may require separate market-data API keys or credentials—those are not requested by this skill but may be required to use the tool; (5) if you want stricter guarantees, ask the skill author for a homepage or repository link and inspect the quantcli package source and dependencies.

Like a lobster shell, security has layers — review code before you run it.

latestvk9707pa48gyj79yd97na2a9j4x80bjtg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments