← Back to Skills Marketplace
232
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install gangtise-kb
Description
Query Gangtise knowledge base API to search and retrieve financial/market information. Use when the user asks about stocks, companies, market concepts, finan...
README (SKILL.md)
Gangtise Knowledge Base Skill
This skill provides access to Gangtise's knowledge base API for querying financial and market information.
First Time Setup
Before using this skill, you need to configure your API credentials:
python3 scripts/configure.py
You will be prompted to enter your Access Key and Secret Key, which can be obtained from: https://open.gangtise.com
Authentication
The API uses OAuth2-style authentication:
- Use Access Key + Secret Access Key to get an access token via
loginV2 - V2 接口返回的 accessToken 已经携带了 Bearer 前缀,后续接口调用不需要再拼接
Auth Request
{
"accessKey": "your-access-key",
"secretAccessKey": "your-secret-key"
}
Auth Response
{
"code": "000000",
"data": {
"accessToken": "Bearer xxxx-xxxx-xxxx-xxxx",
"expiresIn": 3600,
"uid": 123,
"userName": "your-name",
"tenantId": 1,
"time": 1704067200
}
}
Base URL
- Base URL:
https://open.gangtise.com
Available Scripts
Configuration (First Time Setup)
python3 scripts/configure.py
Interactive setup for API credentials. Run this first before using any other scripts.
Get Access Token
python3 scripts/get_token.py
Returns a valid access token for API calls.
Query Knowledge Base
# Basic query
python3 scripts/query_kb.py "比亚迪最新消息"
# With options
python3 scripts/query_kb.py "特斯拉" --type 10,40 --top 5 --days 180
# With explicit token
python3 scripts/query_kb.py "宁德时代" --token YOUR_TOKEN
API Endpoints
Authentication
- POST
/application/auth/oauth/open/loginV2- Body:
{ "accessKey": "...", "secretAccessKey": "..." } - Returns:
{ "code": "000000", "data": { "accessToken": "..." } } - Note: V2接口返回的accessToken已经携带了Bearer前缀
- Body:
Knowledge Base Query
- POST
/application/open-data/ai/search/knowledge/batch- Header:
Authorization: Bearer {token} - Content-Type:
application/json
- Header:
Request Parameters
| 参数名 | 必选 | 类型 | 说明 |
|---|---|---|---|
| queries | 是 | List\x3CString> | 查询条件列表,最大支持5个查询条件 |
| top | 否 | Integer | 返回文档数量,默认10,最大支持20 |
| resourceTypes | 否 | List\x3CInteger> | 知识库资源类型列表 |
| knowledgeNames | 否 | List\x3CString> | 知识库类型(默认只使用系统库) |
| startTime | 否 | Long | 数据查询开始时间(13位时间戳) |
| endTime | 否 | Long | 数据查询结束时间(13位时间戳) |
Resource Types
| 代码 | 类型 | 说明 |
|---|---|---|
| 10 | 券商研究报告 | 证券公司发布的研究报告 |
| 20 | 内部研究报告 | 机构内部研究报告 |
| 40 | 首席分析师观点 | 分析师观点文章 |
| 50 | 公司公告 | 上市公司公告 |
| 60 | 会议平台纪要 | 会议纪要 |
| 70 | 调研纪要公告 | 调研纪要 |
| 80 | 网络资源纪要 | 网络资源 |
| 90 | 产业公众号 | 产业相关公众号文章 |
Knowledge Names
system_knowledge_doc- 系统库(默认)tenant_knowledge_doc- 租户库
Response Format
{
"code": "000000",
"msg": "操作成功",
"status": true,
"data": [
{
"query": "查询问题",
"data": [
{
"content": "文本切片内容",
"resourceType": 10,
"title": "文件标题",
"company": "公司",
"industry": "行业",
"time": 1746506803000,
"sourceId": "溯源id",
"knowledgeName": "知识库名称",
"extraInfo": {
"position": {
"page": [1],
"totalPages": 14,
"polygon": []
}
}
}
]
}
]
}
HTTP Status Codes
| 状态码 | 说明 |
|---|---|
| 200 | 操作成功 |
| 429 | 接口繁忙,请稍后再试 |
Usage Examples
Query single topic
python3 scripts/query_kb.py "比亚迪" --top 3
Query with specific resource types
python3 scripts/query_kb.py "新能源" --type 10,50 --top 5
Query with time range (last 30 days)
python3 scripts/query_kb.py "AI芯片" --days 30 --top 10
Raw JSON output
python3 scripts/query_kb.py "宁德时代" --json
Configuration File
Credentials are stored in config.json (created automatically by configure.py):
{
"ACCESS_KEY": "your-access-key",
"SECRET_KEY": "your-secret-key",
"BASE_URL": "https://open.gangtise.com"
}
Note: The configuration file has restricted permissions (600) to protect your credentials.
Usage Guidance
This skill appears to implement a legitimate Gangtise KB client, but there are notable red flags you should address before using it: 1) The package includes config.json with ACCESS_KEY and SECRET_KEY already filled — do not assume these are safe to use. Remove or overwrite that file and provide your own credentials (and rotate any real keys if published). 2) The network code disables SSL certificate verification; consider editing get_token.py/query_kb.py/temp_query.py to use normal certificate checks (remove the check_hostname/verify_mode overrides or use a verified context). 3) The top-level wrapper expects a binary gangtise-kb/gangtise-kb.py which is not present — the skill may fail or behave unexpectedly; inspect and test in a sandbox. 4) Run these scripts in a controlled environment (offline or network-restricted VM) until you replace credentials and fix SSL settings. If you plan to grant persistent or autonomous invocation to an agent, be extra cautious because the embedded credentials could be used without further prompts. If you want me to, I can show the exact lines to change to re-enable SSL verification or help remove the embedded credentials safely.
Capability Analysis
Type: OpenClaw Skill
Name: gangtise-kb
Version: 1.0.0
The skill bundle contains hardcoded API credentials in 'config.json' and consistently disables SSL certificate verification ('ssl.CERT_NONE') across multiple files, including 'scripts/get_token.py', 'scripts/query_kb.py', and 'scripts/temp_query.py'. While these are critical security vulnerabilities that expose the user to Man-In-The-Middle (MITM) attacks and credential theft, they appear to be unintentional flaws rather than intentional malware. No evidence of data exfiltration to unauthorized domains or hidden backdoors was found.
Capability Assessment
Purpose & Capability
The name, description, and scripts match the stated purpose (querying Gangtise knowledge base). However the repository includes a pre-populated config.json with ACCESS_KEY/SECRET_KEY (credentials) and the top-level wrapper expects a local binary (gangtise-kb/gangtise-kb.py) that is not present in the file manifest — packaging is inconsistent with the expected runtime.
Instruction Scope
SKILL.md and the scripts only call Gangtise API endpoints and store/use API credentials; they do not attempt to read unrelated system files. Concerns: multiple scripts disable SSL certificate verification (ctx.check_hostname=False and verify_mode=CERT_NONE or use of ssl._create_unverified_context()), which weakens transport security. temp_query.py performs several automated queries when run (not harmful by itself but will send queries using whatever credentials are present).
Install Mechanism
This is an instruction-and-script-only skill with no install spec or external downloads. No archive extraction or remote installers are used.
Credentials
The skill declares no required environment variables, but the package ships with a filled config.json containing ACCESS_KEY and SECRET_KEY. Including live credentials in the bundle is disproportionate and risky (leaked/compromised keys, unintended usage). The scripts will use those keys automatically if the user does not overwrite them. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request elevated privileges and is not always-enabled. It stores configuration in a local config.json file (its own path) and configure.py sets file permissions to 600. That behavior is expected, but the presence of a pre-filled config.json means the skill will persist and use embedded credentials unless changed.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gangtise-kb - After installation, invoke the skill by name or use
/gangtise-kb - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
gangtise-kb v1.0.0
- Initial release.
- Enables querying the Gangtise knowledge base API for financial and market information.
- Includes scripts for configuration, authentication, and querying the knowledge base.
- Provides detailed usage, parameter, and endpoint documentation.
- Supports filtering by resource type, time range, and returning results as raw JSON.
Metadata
Frequently Asked Questions
What is Gangtise Kb?
Query Gangtise knowledge base API to search and retrieve financial/market information. Use when the user asks about stocks, companies, market concepts, finan... It is an AI Agent Skill for Claude Code / OpenClaw, with 232 downloads so far.
How do I install Gangtise Kb?
Run "/install gangtise-kb" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gangtise Kb free?
Yes, Gangtise Kb is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Gangtise Kb support?
Gangtise Kb is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gangtise Kb?
It is built and maintained by hmaya (@hmaya); the current version is v1.0.0.
More Skills