← 返回 Skills 市场

A Stock Morning

Name: A Stock Morning
Author: chrislzg

作者 chrislzg · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install a-stock-morning

功能描述

Sends a daily 9:45 AM summary of the A-share market open, including key indices, top sectors, volume, and trading suggestions via Feishu.

使用说明 (SKILL.md)

A股早盘提醒

每个A股开盘日 9:45 通过飞书发送当日开盘情况总结。

触发条件

时间：每交易日 9:45（周一至周五）
时区：Asia/Shanghai
注意：节假日需额外判断

内容

上证指数、深证成指、创业板指
沪深300指数
涨跌分布统计
热门板块 Top 5
成交额
操作建议

实现

使用腾讯股票 API 获取实时数据：

指数: https://qt.gtimg.cn/q={code}

发送

通过 OpenClaw 飞书通道发送给用户。

使用方法

# 仅生成报告
node scripts/morning-summary.mjs

# 生成并发送到飞书
node scripts/morning-summary.mjs --send

Cron 定时任务

设置每天 9:45 执行（OpenClaw 会自动判断是否为交易日）：

openclaw cron add "45 9 * * 1-5" --skill a-stock-morning -- --send

安全使用建议

This skill's purpose (send an A-share morning report via Feishu) is plausible and most behavior is readable, but there are red flags you should address before installing: 1) The script execs a Python script from an absolute developer path (/Users/chris/...), which will fail for most users and — importantly — will run code not included in the package. Ask the author what that dependency is, request they bundle or document the tavily script (and avoid absolute paths). 2) The package declares no required binaries or env vars, yet it uses the openclaw CLI and python3 and expects a Feishu webhook/config; require these to be documented (FEISHU_WEBHOOK, python3, openclaw CLI). 3) execSync runs shell commands; unknown Python scripts could exfiltrate or run arbitrary operations. If you still want to use it: run it in a sandboxed environment, inspect the external python script's source before allowing execution, or ask the author to remove shell-exec of external repos and replace with documented API calls or bundled code. If the author cannot justify or fix the tavily dependency and the absolute paths, treat the skill as risky and do not grant it access to production credentials or sensitive environments.

功能分析

Type: OpenClaw Skill Name: a-stock-morning Version: 1.0.0 The script `scripts/morning-summary.mjs` contains hardcoded absolute paths to a specific user's home directory (`/Users/chris/...`), which is highly irregular and non-portable for a shared skill bundle. Furthermore, it uses `execSync` to execute shell commands with insufficient sanitization (only escaping double quotes and newlines), creating a shell injection vulnerability if data fetched from the external Tencent Stock API or Tavily search results contains shell metacharacters like backticks or dollar signs.

能力评估

⚠ Purpose & Capability

Name/description claim: send a 9:45 A-share summary via Feishu. The main script implements that (fetches Tencent index data, formats a report, sends via OpenClaw). However the script also invokes an external 'tavily_search.py' via execSync using an absolute developer path (/Users/chris/.openclaw/workspace/skills/openclaw-tavily-search). That dependency is neither documented in SKILL.md nor declared in requirements (binaries/env), so the code requires more than the stated purpose and declared requirements.

⚠ Instruction Scope

SKILL.md only mentions fetching Tencent API data and sending via the OpenClaw Feishu channel. The actual runtime code expands scope by running shell commands to execute a local Python script (for fund flow and sector data). SKILL.md does not document this 'Tavily' dependency or the absolute path; executing that external script is out-of-band relative to the documented instructions.

⚠ Install Mechanism

There is no install spec (instruction-only) which is low-risk in itself, but the code uses child_process.execSync to run external commands and expects external tools (python3 and an external local repo). Because the script executes another repository's Python script (via cd to an absolute path), it will run code not included in the package — this is high-risk behavior for an instruction-only skill.

⚠ Credentials

Registry metadata declares no required env vars, but README and the send routine imply use of a FEISHU_WEBHOOK or OpenClaw Feishu channel; the script calls the openclaw CLI and a python script, yet no required binaries (python3, openclaw CLI) or env variables are declared. The absolute path reference potentially touches user-specific directories and assumes a particular developer workspace, which is disproportionate and undocumented.

✓ Persistence & Privilege

The skill does not request always:true and does not modify other skills or global config. It uses the OpenClaw CLI to send messages and cron is suggested in SKILL.md, but nothing indicates elevated or persistent platform privileges beyond normal operation.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install a-stock-morning
安装完成后，直接呼叫该 Skill 的名称或使用 /a-stock-morning 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

A股早盘提醒技能首发，自动发送每日开盘信息。 - 每交易日 9:45 推送A股主要指数、板块和成交额总结 - 统计涨跌分布与热门板块前五 - 支持生成报告或自动发送到飞书 - 基于腾讯股票API获取实时数据 - 可与OpenClaw定时任务自动集成

元数据

Slug a-stock-morning

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

A Stock Morning 是什么？

Sends a daily 9:45 AM summary of the A-share market open, including key indices, top sectors, volume, and trading suggestions via Feishu. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 69 次。

如何安装 A Stock Morning？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install a-stock-morning」即可一键安装，无需额外配置。

A Stock Morning 是免费的吗？

是的，A Stock Morning 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

A Stock Morning 支持哪些平台？

A Stock Morning 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 A Stock Morning？

由 chrislzg（@chrislzg）开发并维护，当前版本 v1.0.0。