← Back to Skills Marketplace
69
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install a-stock-morning
Description
Sends a daily 9:45 AM summary of the A-share market open, including key indices, top sectors, volume, and trading suggestions via Feishu.
README (SKILL.md)
A股早盘提醒
每个A股开盘日 9:45 通过飞书发送当日开盘情况总结。
触发条件
- 时间:每交易日 9:45(周一至周五)
- 时区:Asia/Shanghai
- 注意:节假日需额外判断
内容
- 上证指数、深证成指、创业板指
- 沪深300指数
- 涨跌分布统计
- 热门板块 Top 5
- 成交额
- 操作建议
实现
使用腾讯股票 API 获取实时数据:
- 指数:
https://qt.gtimg.cn/q={code}
发送
通过 OpenClaw 飞书通道发送给用户。
使用方法
# 仅生成报告
node scripts/morning-summary.mjs
# 生成并发送到飞书
node scripts/morning-summary.mjs --send
Cron 定时任务
设置每天 9:45 执行(OpenClaw 会自动判断是否为交易日):
openclaw cron add "45 9 * * 1-5" --skill a-stock-morning -- --send
Usage Guidance
This skill's purpose (send an A-share morning report via Feishu) is plausible and most behavior is readable, but there are red flags you should address before installing: 1) The script execs a Python script from an absolute developer path (/Users/chris/...), which will fail for most users and — importantly — will run code not included in the package. Ask the author what that dependency is, request they bundle or document the tavily script (and avoid absolute paths). 2) The package declares no required binaries or env vars, yet it uses the openclaw CLI and python3 and expects a Feishu webhook/config; require these to be documented (FEISHU_WEBHOOK, python3, openclaw CLI). 3) execSync runs shell commands; unknown Python scripts could exfiltrate or run arbitrary operations. If you still want to use it: run it in a sandboxed environment, inspect the external python script's source before allowing execution, or ask the author to remove shell-exec of external repos and replace with documented API calls or bundled code. If the author cannot justify or fix the tavily dependency and the absolute paths, treat the skill as risky and do not grant it access to production credentials or sensitive environments.
Capability Analysis
Type: OpenClaw Skill
Name: a-stock-morning
Version: 1.0.0
The script `scripts/morning-summary.mjs` contains hardcoded absolute paths to a specific user's home directory (`/Users/chris/...`), which is highly irregular and non-portable for a shared skill bundle. Furthermore, it uses `execSync` to execute shell commands with insufficient sanitization (only escaping double quotes and newlines), creating a shell injection vulnerability if data fetched from the external Tencent Stock API or Tavily search results contains shell metacharacters like backticks or dollar signs.
Capability Assessment
Purpose & Capability
Name/description claim: send a 9:45 A-share summary via Feishu. The main script implements that (fetches Tencent index data, formats a report, sends via OpenClaw). However the script also invokes an external 'tavily_search.py' via execSync using an absolute developer path (/Users/chris/.openclaw/workspace/skills/openclaw-tavily-search). That dependency is neither documented in SKILL.md nor declared in requirements (binaries/env), so the code requires more than the stated purpose and declared requirements.
Instruction Scope
SKILL.md only mentions fetching Tencent API data and sending via the OpenClaw Feishu channel. The actual runtime code expands scope by running shell commands to execute a local Python script (for fund flow and sector data). SKILL.md does not document this 'Tavily' dependency or the absolute path; executing that external script is out-of-band relative to the documented instructions.
Install Mechanism
There is no install spec (instruction-only) which is low-risk in itself, but the code uses child_process.execSync to run external commands and expects external tools (python3 and an external local repo). Because the script executes another repository's Python script (via cd to an absolute path), it will run code not included in the package — this is high-risk behavior for an instruction-only skill.
Credentials
Registry metadata declares no required env vars, but README and the send routine imply use of a FEISHU_WEBHOOK or OpenClaw Feishu channel; the script calls the openclaw CLI and a python script, yet no required binaries (python3, openclaw CLI) or env variables are declared. The absolute path reference potentially touches user-specific directories and assumes a particular developer workspace, which is disproportionate and undocumented.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global config. It uses the OpenClaw CLI to send messages and cron is suggested in SKILL.md, but nothing indicates elevated or persistent platform privileges beyond normal operation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install a-stock-morning - After installation, invoke the skill by name or use
/a-stock-morning - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
A股早盘提醒技能首发,自动发送每日开盘信息。
- 每交易日 9:45 推送A股主要指数、板块和成交额总结
- 统计涨跌分布与热门板块前五
- 支持生成报告或自动发送到飞书
- 基于腾讯股票API获取实时数据
- 可与OpenClaw定时任务自动集成
Metadata
Frequently Asked Questions
What is A Stock Morning?
Sends a daily 9:45 AM summary of the A-share market open, including key indices, top sectors, volume, and trading suggestions via Feishu. It is an AI Agent Skill for Claude Code / OpenClaw, with 69 downloads so far.
How do I install A Stock Morning?
Run "/install a-stock-morning" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is A Stock Morning free?
Yes, A Stock Morning is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does A Stock Morning support?
A Stock Morning is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created A Stock Morning?
It is built and maintained by chrislzg (@chrislzg); the current version is v1.0.0.
More Skills