← Back to Skills Marketplace
68
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install stock-rumors
Description
Scan M&A, insider, analyst, social, and regulatory rumor signals through AISA. Use when: the user asks about early market signals, rumors, insider activity,...
Usage Guidance
This skill appears to do what it says (call AISA to scan for rumor signals) but has a few gaps you should address before installing: 1) Only give it an AISA API key if you trust the AISA provider and the skill source; verify the GitHub repo/author in _meta.json and confirm the registry owner. 2) The script can read AISA_BASE_URL and AISA_MODEL environment variables (not documented) — avoid setting those unless you know why; be cautious about redirecting the endpoint. 3) The code requires the Python 'openai' package but the skill provides no install steps; run it in an isolated environment (venv/container) and inspect the code yourself. 4) If you plan to use a real API key, consider testing with a limited/revocable key and monitor network activity. If any of the provenance or undocumented env behaviors are unacceptable, do not install.
Capability Analysis
Type: OpenClaw Skill
Name: stock-rumors
Version: 1.0.0
The stock-rumors skill bundle is a legitimate financial intelligence tool designed to scan for market signals like M&A rumors and insider trading via the AISA API. The Python script (scripts/rumor_scanner.py) is well-structured, using standard libraries to interact with a remote API (api.aisa.one) without any evidence of local data exfiltration, unauthorized execution, or obfuscation. The SKILL.md instructions are clearly aligned with the stated purpose and even include explicit 'When NOT to Use' constraints to prevent the agent from attempting to access sensitive local credentials.
Capability Tags
Capability Assessment
Purpose & Capability
The name/description (scan rumors via AISA) aligns with the code: the script calls an LLM client against an AISA endpoint to generate rumor reports. Requiring a single API key (AISA_API_KEY) and python3 is proportionate. Minor provenance inconsistency: registry metadata lists owner ID kn77... while _meta.json points to a GitHub repo owner '0xjordansg-yolo' — this mismatch doesn't prove maliciousness but is worth checking.
Instruction Scope
SKILL.md instructs only to run the bundled Python script, which is what the code does. However, the script reads environment variables not declared in requires.env (AISA_BASE_URL and AISA_MODEL) and will send prompts to an external API (AISA). The instructions explicitly avoid accessing local secrets, and the code does not read other local files or credentials, so there is no direct local credential access. The undeclared env vars give the skill extra, undocumented flexibility (e.g., redirecting requests to a custom endpoint).
Install Mechanism
There is no install spec (instruction-only), which reduces installer risk. However, the script depends on the 'openai' Python package (not declared in SKILL.md's requires or installed automatically). The script includes a comment listing dependencies but provides no installation steps; running it without installing dependencies will fail. No downloads or obscure URLs are used.
Credentials
The declared required env var (AISA_API_KEY) is appropriate for a service integration. But the runtime code also reads AISA_BASE_URL and AISA_MODEL (optional) which are not declared in requires.env. That means the skill can be pointed at a different API endpoint or model via environment variables without that being documented in the manifest — a potential surprise for users who expect only the declared credential to be used.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system configuration. Autonomous invocation remains possible (the platform default) but is not combined with additional high privileges here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install stock-rumors - After installation, invoke the skill by name or use
/stock-rumors - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of stock-rumors skill.
- Scans and ranks M&A, insider, analyst, social, and regulatory rumor signals.
- Designed to assist with early market signals, insider activity, analyst changes, and takeover chatter.
- Requires AISA_API_KEY and Python 3 environment.
- Provides guidance on appropriate and inappropriate use cases.
- Reminds users that rumors are unconfirmed and should be independently verified.
Metadata
Frequently Asked Questions
What is stock-rumors?
Scan M&A, insider, analyst, social, and regulatory rumor signals through AISA. Use when: the user asks about early market signals, rumors, insider activity,... It is an AI Agent Skill for Claude Code / OpenClaw, with 68 downloads so far.
How do I install stock-rumors?
Run "/install stock-rumors" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is stock-rumors free?
Yes, stock-rumors is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does stock-rumors support?
stock-rumors is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created stock-rumors?
It is built and maintained by bibaofeng (@bibaofeng); the current version is v1.0.0.
More Skills