Quant Architecture Review
v1.0.0量化架构设计审查技能。当用户说"审查架构"、"检查设计"、"优化架构"、"架构有问题"、"XX环节有问题"时自动触发。提供架构设计检查清单、常见问题识别、优化建议。适用于量化项目的设计审查阶段。
⭐ 0· 112·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the content: the SKILL.md is a detailed architecture review checklist for quant projects and does not request unrelated resources (no credentials, no binaries, no installs).
Instruction Scope
Runtime instructions are limited to checklists, review steps, report templates, and suggested practices. They do not ask the agent to read arbitrary files, access environment variables, call external endpoints, or exfiltrate data. Requests like '绘制架构图' are high-level guidance (expected for an architecture review) and do not imply hidden actions.
Install Mechanism
No install spec or code files are present (instruction-only). Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no environment variables, credentials, or config paths and the SKILL.md does not reference any undeclared secrets or external tokens.
Persistence & Privilege
always:false (default) and disable-model-invocation:false. The skill does not request permanent/privileged presence or modify other skills or system settings.
Scan Findings in Context
[no-findings] expected: The static scanner had nothing to analyze because this is an instruction-only skill (no code files); absence of findings is expected and not evidence of additional safety.
Assessment
This skill is coherent and appears safe as a checklist-style assistant for quant architecture reviews. Before installing or invoking it: (1) confirm you will not supply sensitive credentials or private data when asking for architecture diagrams or examples; the skill does not require any credentials but user-provided assets could contain secrets; (2) if you plan to have the agent generate diagrams or interact with repositories, grant only the minimal access necessary and review outputs; (3) verify trigger behavior in your agent platform (SKILL.md mentions automatic triggers, but platform settings control when the skill runs); and (4) if you need the skill to analyze actual code or data, inspect the results carefully for any accidental leakage of sensitive information. Overall there are no mismatches between purpose and requested capabilities.Like a lobster shell, security has layers — review code before you run it.
latestvk9758dfv95ty1fge8hyc93qz4d83q5fm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.