← Back to Skills Marketplace
Quant Orchestrator
by
pikachu022700
· GitHub ↗
· v1.1.0
423
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install quant-orchestrator
Description
Multi-Agent AI Quant System with multi-coin prediction, strategy templates, and automated backtesting
Usage Guidance
This skill contains plausible quant code but also several red flags you should resolve before installing or using it with real data or funds: 1) billing.py embeds a hardcoded API key and calls a third‑party billing API — ask the author why a secret is in the repository and request that billing keys be provided via environment variables or handled by the platform (and rotate the embedded key immediately). 2) The SKILL.md and registry declare no credentials or dependencies, yet the code uses requests, numpy, and lightgbm and will make outbound network calls to api.hyperliquid.xyz and skillpay.me — verify these endpoints are expected and safe. 3) Several files hardcode a local model path (/Users/a/...), so running CLI entrypoints might read local files — run the skill in a sandbox and inspect what files it opens. 4) Ask the publisher for provenance (homepage, source repo, author identity) and why billing is implemented inline. 5) If you test it, do so in an isolated environment with no access to your production secrets or wallets, and monitor outbound network traffic. If the author cannot justify the embedded billing key or the undeclared dependencies/endpoints, do not install or run the skill.
Capability Analysis
Type: OpenClaw Skill
Name: quant-orchestrator
Version: 1.1.0
The skill bundle contains a hardcoded API secret key in 'billing.py' and hardcoded absolute local file paths (e.g., '/Users/a/.openclaw/...') in 'skill_v2.py' and 'skill_with_billing.py', which will cause execution failures and represent poor security hygiene. There is also a discrepancy between the documented pricing in 'SKILL.md' (0.1 USDC) and the code implementation (0.0001 USDC) in 'billing.py'. While the core logic aligns with the stated purpose of quantitative trading, the inclusion of a custom billing SDK pointing to 'https://skillpay.me' and leaked credentials makes the bundle high-risk for production use.
Capability Assessment
Purpose & Capability
The skill claims to be a multi‑agent quant orchestrator, which explains the prediction, backtest and strategy code. However, there are surprising elements that don't belong to that stated purpose: a standalone billing module (billing.py) with a hardcoded API key and skillpay API URL, and multiple files referencing a local absolute model path (/Users/a/.openclaw/...), while the skill metadata declares no credentials or config requirements. The code also imports heavy dependencies (lightgbm, numpy, requests) though the SKILL.md and registry declare no required packages. These are disproportionate or undeclared relative to the simple description.
Instruction Scope
SKILL.md shows normal usage examples (instantiating MultiCoinPredictor and calling run_all) and lists pricing, but it does not document when or how billing is invoked, nor how model files are provided. The code will make outbound POSTs to https://api.hyperliquid.xyz/info to fetch prices and billing.py calls https://skillpay.me endpoints. The CLI sections hardcode a local model path and may attempt to read local files if executed. The runtime instructions are not explicit about network calls, local file access, or charging behavior, giving the agent broad ability to call external endpoints and access local model files if run.
Install Mechanism
There is no install spec (no external downloads or archive extraction), so nothing is fetched during install. The risk comes from the included source files themselves (they will be present in the skill), but there is no installer that pulls arbitrary code from untrusted URLs.
Credentials
The registry declares no required environment variables or credentials, yet billing.py contains a hardcoded API key and contacts an external billing service. That embedded credential is sensitive and not declared. The skill also performs network requests to third‑party endpoints (market data and billing) without declaring those endpoints or requiring explicit authorization. The code references a user home path for model files, which implies filesystem access to potentially sensitive local files.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify other skills or system config. Autonomous invocation (default) remains possible but there is no evidence the skill self‑installs persistent agents or changes global settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install quant-orchestrator - After installation, invoke the skill by name or use
/quant-orchestrator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added multi-coin prediction (8 coins) and 10 strategy templates
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Quant Orchestrator?
Multi-Agent AI Quant System with multi-coin prediction, strategy templates, and automated backtesting. It is an AI Agent Skill for Claude Code / OpenClaw, with 423 downloads so far.
How do I install Quant Orchestrator?
Run "/install quant-orchestrator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Quant Orchestrator free?
Yes, Quant Orchestrator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Quant Orchestrator support?
Quant Orchestrator is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).
Who created Quant Orchestrator?
It is built and maintained by pikachu022700 (@pikachu022700); the current version is v1.1.0.
More Skills