股票技术分析 (Stock Technical Analysis)
v1.0.2提供股票K线数据及计算KDJ、MACD、BOLL、MA技术指标,支持资金流向排名和综合买卖信号分析。
⭐ 0· 30·0 current·0 all-time
byZafer Liu@zaferliu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the included code: eastmoney_spider.py fetches K-line and capital-flow data from Eastmoney endpoints; indicators.py and stock_analyze.py compute KDJ/MACD/BOLL/MA and produce reports. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
SKILL.md instructs importing the provided modules and running functions or CLI; runtime actions are limited to HTTP requests to eastmoney endpoints and local computations. The instructions do not ask the agent to read unrelated files or environment variables. Note: API responses may include futures/debt data (the README/SKILL.md already warns of this).
Install Mechanism
There is no external install script or download URL; the package includes source files and a small requirements.txt (requests/pandas/numpy). No extract-from-URL or untrusted remote installation is present.
Credentials
The skill requires no environment variables or credentials. Network access to Eastmoney public APIs is expected for its purpose. No secrets or unrelated service tokens are requested.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. It contains no code that modifies other skills or system-wide agent settings.
Assessment
This skill appears coherent and implements what it claims: it fetches public data from Eastmoney and calculates trading indicators. Before installing, consider: 1) The source is listed as unknown — review the bundled code yourself or run it in an isolated environment (virtualenv/container) if provenance matters. 2) The skill makes network requests to eastmoney.com endpoints — ensure that outbound network access is acceptable and that use complies with Eastmoney's terms. 3) Install only the listed Python dependencies (requests, pandas, numpy) from PyPI and keep them up to date. 4) Don't treat outputs as investment advice; validate results against other sources before acting on them. If you'd like, I can highlight any specific lines in the code for deeper review or run a small static check for risky patterns (shell exec, external unknown hosts, credential usage).Like a lobster shell, security has layers — review code before you run it.
latestvk971g3c3awyrck3park2v9wjmh8471dr
License
MIT-0
Free to use, modify, and redistribute. No attribution required.