← Back to Skills Marketplace
oscraters

IEX Cloud CLI

by oscraters · GitHub ↗ · v1.0.1
cross-platform ✓ Security Clean
376
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install iex-cloud
Description
Use this skill when a task needs IEX Cloud market data through the REST API (quotes, charts, fundamentals, market lists, and batch calls), including secure t...
README (SKILL.md)

IEX Cloud

Overview

This skill provides an operational workflow for IEX Cloud API usage in OpenClaw tasks:

  • selecting the right endpoint for market-data requests
  • building valid authenticated requests
  • handling API and transport errors
  • running repeatable calls through a local Bash CLI

Quick Start

  1. Preferred for OpenClaw: store the token at skills.entries.iex-cloud.apiKey and back it with a SecretRef via openclaw secrets configure.
  2. For direct shell use outside OpenClaw, set export IEX_TOKEN=....
  3. Compatibility fallback: export IEX_CLOUD_TOKEN=....
  4. Read endpoint/parameter guidance in references/api_docs.md.
  5. Use scripts/iex_cloud_cli.sh for reliable calls.

Example:

scripts/iex_cloud_cli.sh quote AAPL
scripts/iex_cloud_cli.sh chart AAPL 1m
scripts/iex_cloud_cli.sh movers mostactive

Workflow

  1. Classify request type:
  • latest quote: quote
  • historical bars: chart
  • company/fundamentals: company, stats
  • market movers: movers
  • multi-symbol pulls: batch
  1. Validate required parameters before call dispatch.
  2. Execute request with token auth and timeout.
  3. Validate response class:
  • HTTP failure / transport failure
  • JSON payload containing API error fields
  • empty or malformed payload
  1. Normalize output downstream as needed.

Authentication and Safety

  • Primary token env var: IEX_TOKEN.
  • Compatibility token alias: IEX_CLOUD_TOKEN.
  • In OpenClaw, prefer skills.entries.iex-cloud.apiKey with SecretRefs over plaintext config.
  • Do not hardcode tokens in source files.
  • Do not print full token values in logs.
  • Prefer query parameter token=... when using these endpoints.
  • The CLI accepts only trusted IEX API hosts for base URL overrides and warns when a non-default trusted override is used.
  • raw calls are limited to relative IEX API paths. Do not pass full URLs.

Reliability Guidance

  • Use bounded timeouts (curl --max-time in CLI).
  • Handle non-2xx responses as hard failures.
  • Validate symbol, range, and list-type inputs early.
  • For large jobs, use batch endpoints where possible.
  • If you modify IEX_BASE_URL or pass --base-url, expect a warning so the change is visible during review.

OpenClaw Secrets Management

  • OpenClaw can inject this skill's API key from skills.entries.iex-cloud.apiKey for each agent run.
  • Secret refs are preferred over plaintext because the resolved secret wins at runtime and plaintext is ignored.
  • Recommended operator flow:
    • openclaw secrets audit --check
    • openclaw secrets configure
    • openclaw secrets audit --check
  • For direct shell usage outside OpenClaw, export IEX_TOKEN in your shell instead.

Included Files

  • scripts/iex_cloud_cli.sh: Bash CLI for common endpoints and raw calls.
  • scripts/README.md: CLI usage examples and command reference.
  • references/api_docs.md: operational endpoint reference and guardrails.

Resources

Usage Guidance
This skill appears to do what it says: a small Bash CLI that sends your IEX token to the documented IEX Cloud endpoints. Before installing or running: prefer injecting the token via OpenClaw secret refs (skills.entries.iex-cloud.apiKey) rather than exporting it in plaintext; inspect the scripts yourself first; when running locally avoid passing the token via --token on shared systems (it may be visible in process lists/command history); consider using the sandbox base URL with a sandbox token while you validate behavior; rotate tokens if you expose them during testing. The skill enforces trusted hosts and rejects full URLs for raw calls, which reduces but does not eliminate risk—review and run only if you trust the repository/source.
Capability Analysis
Type: OpenClaw Skill Name: iex-cloud Version: 1.0.1 The OpenClaw AgentSkills skill bundle for IEX Cloud is classified as benign. The `scripts/iex_cloud_cli.sh` script implements robust security controls, including strict whitelisting of trusted IEX API hosts (`cloud.iexapis.com`, `sandbox.iexapis.com`) for the base URL, preventing Server-Side Request Forgery (SSRF). It also performs strong input validation for `raw` API paths, rejecting full URLs, path traversal (`..`), and query string injection. Token handling is secure, relying on environment variables and passing tokens as URL-encoded query parameters. The `SKILL.md` and other documentation files consistently outline these security guardrails and do not contain any prompt injection attempts. Furthermore, the `scripts/validate_registry_metadata.py` script actively verifies the presence and enforcement of these security measures, indicating a deliberate secure design.
Capability Assessment
Purpose & Capability
Name/description, registry metadata, SKILL.md, and the included scripts all focus on IEX Cloud REST calls. Required binary (curl) and required env var (IEX_TOKEN) match the implementation; optional jq and IEX_BASE_URL are documented and used only for allowed overrides.
Instruction Scope
SKILL.md instructs the agent to use the provided Bash CLI and OpenClaw secret injection, to avoid hardcoding tokens, and to validate inputs. The runtime script only accesses the declared env vars and enforces limits (trusted hosts, relative raw paths, no query chars in raw path). There are no instructions to read unrelated files or exfiltrate data to third-party endpoints.
Install Mechanism
There is no install spec (instruction-only skill) and included files are plain Bash/Python source in the repo. Nothing is downloaded from arbitrary URLs and no archives are extracted—low install risk.
Credentials
Only IEX_TOKEN (plus a documented compatibility alias IEX_CLOUD_TOKEN and optional IEX_BASE_URL) are requested. These variables are directly required to call the IEX API and are proportionate to the skill's function.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or cross-skill configuration changes. It does not modify other skills' configs or require persistent presence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install iex-cloud
  3. After installation, invoke the skill by name or use /iex-cloud
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added OpenClaw metadata and homepage fields in SKILL.md for enhanced integration and discoverability. - Introduced explicit guidance for OpenClaw secrets management and agent token injection. - Updated authentication documentation to clarify environment variable precedence and security practices. - Improved CLI documentation with warnings and guardrails for trusted base URL overrides. - Added two files: registry-metadata.json and scripts/validate_registry_metadata.py.
v1.0.0
- Initial release of iex-cloud skill for IEX Cloud API integration. - Provides authenticated access to market data (quotes, charts, fundamentals, movers, batch). - Includes secure token handling via environment variables. - Features a Bash CLI script for making and repeating API calls. - Offers workflow guidance for endpoint selection, parameter validation, error handling, and response normalization. - Supplies operational references and usage documentation.
Metadata
Slug iex-cloud
Version 1.0.1
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is IEX Cloud CLI?

Use this skill when a task needs IEX Cloud market data through the REST API (quotes, charts, fundamentals, market lists, and batch calls), including secure t... It is an AI Agent Skill for Claude Code / OpenClaw, with 376 downloads so far.

How do I install IEX Cloud CLI?

Run "/install iex-cloud" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is IEX Cloud CLI free?

Yes, IEX Cloud CLI is completely free (open-source). You can download, install and use it at no cost.

Which platforms does IEX Cloud CLI support?

IEX Cloud CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created IEX Cloud CLI?

It is built and maintained by oscraters (@oscraters); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments