← Back to Skills Marketplace

Opensanctions Watchlist

Name: Opensanctions Watchlist
Author: tangweigang-jpg

by Tang Weigang · GitHub ↗ · v0.3.2 · MIT-0

cross-platform ⚠ suspicious

109

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install opensanctions-watchlist

Description

OpenSanctions 黑名单合规筛查：国际制裁名单、PEP（政要）、高风险人物数据的抓取、去重、匹配与版本归档。适用于 KYC 和 AML 尽调。

Usage Guidance

This bundle is internally inconsistent: it claims to be a sanctions/PEP watchlist but contains trading/backtest content and runtime steps that reference ZVT and shell/python commands. Before installing or invoking it: 1) Ask the publisher/source — where did this come from? 2) Inspect seed.yaml and SKILL.md yourself (they are bundled) to confirm intended behavior. 3) Do not run the included precondition commands (pip install zvt, zvt.init_dirs, or python3 -m zvt.*) on a production machine; use an isolated sandbox if you want to test. 4) Expect the skill to ask for external data-provider credentials at runtime even though none are declared — do not enter secrets until you verify necessity. 5) If you only need sanctions/PEP lookups, prefer a simpler, provenance-clear skill (or official OpenSanctions integrations) rather than this mixed bundle.

Capability Analysis

Type: OpenClaw Skill Name: opensanctions-watchlist Version: 0.3.2 The skill bundle exhibits a major structural discrepancy between its stated purpose (OpenSanctions/KYC compliance) and its actual operational logic, which is almost entirely focused on quantitative stock trading using the ZVT framework. SKILL.md and seed.yaml contain 'Fatal' semantic locks (e.g., SL-01, SL-08) and architectural stages (trading_execution) that govern stock trading and MACD indicators, which are irrelevant to a sanctions watchlist. While no explicit evidence of data exfiltration or malicious execution (like reverse shells) was found, the mismatch suggests either a severely misconfigured bundle or a 'Frankenstein' template that could lead to unpredictable agent behavior when executing financial instructions.

Capability Tags

cryptorequires-walletrequires-sensitive-credentials

Capability Assessment

⚠ Purpose & Capability

Name/description advertise OpenSanctions-style sanctions/PEP screening for KYC/AML, but SKILL.md and companion files contain many trading/backtest elements (ZVT, MACD parameters, trading semantic locks, 'trading_execution' in pipeline and human_summary focused on A-share quant flows). That mismatch suggests the bundle was merged or compiled with unrelated blueprints; the extra trading scope does not belong to a pure sanctions watchlist.

⚠ Instruction Scope

Although instruction-only (no code), SKILL.md and seed.yaml instruct the agent to reload seed.yaml, run preconditions that execute python commands, check ZVT_HOME, run zvt recorders, and possibly install packages (pip install zvt). These instructions reference filesystem paths, run shell/python commands, and require re-reading bundled files — actions beyond simple read-only sanctions lookups and not reflected in the declared requirements.

ℹ Install Mechanism

No install spec or binaries are declared (lowest install risk). However seed.yaml's execution_protocol mentions install recipes and preconditions that instruct pip installs and zvt init commands; the skill bundle itself contains large data (seed.yaml) that the agent is told to re-read. Lack of an explicit install spec is inconsistent with those instructions.

⚠ Credentials

Registry metadata lists no required env vars/credentials, yet runtime docs reference environment variables (ZVT_HOME) and ask the user to choose data providers (some of which require accounts/keys: joinquant, qmt). The skill may prompt for or rely on external credentials at runtime despite not declaring them up-front.

ℹ Persistence & Privilege

always:false and no special privileges are requested. Still, instructions include commands that create/modify user directories (~/.zvt), run pip installs, and require reloading seed.yaml; these can write to the host filesystem and install packages if followed, so exercise caution even though the skill isn't marked always:true.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install opensanctions-watchlist
After installation, invoke the skill by name or use /opensanctions-watchlist
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.3.2

v0.3.2: inject bilingual metadata per naming spec. H1 now shows 制裁名单筛查 + slug; tagline and description replaced with CTO-authored copy (fixes tagline pollution for non-ZVT skills).

v0.3.1

Remove install.sh — knowledge-only bundle. Host AI consumes directly from URL; no user-side installation needed. Fixes ClawHub suspicious flag.

v0.3.0

Doramagic crystal portfolio v0.3.0. Full 5-layer bp-009 standard. github.com/tangweigang-jpg/doramagic-skills

Metadata

Slug opensanctions-watchlist

Version 0.3.2

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is Opensanctions Watchlist?

OpenSanctions 黑名单合规筛查：国际制裁名单、PEP（政要）、高风险人物数据的抓取、去重、匹配与版本归档。适用于 KYC 和 AML 尽调。 It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.

How do I install Opensanctions Watchlist?

Run "/install opensanctions-watchlist" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Opensanctions Watchlist free?

Yes, Opensanctions Watchlist is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Opensanctions Watchlist support?

Opensanctions Watchlist is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Opensanctions Watchlist?

It is built and maintained by Tang Weigang (@tangweigang-jpg); the current version is v0.3.2.

More Skills