← 返回 Skills 市场
xmpx8

csmar-agent

作者 xmpx8 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
178
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install csmar-agent
功能描述
访问csmar公司提供的财报相关接口,当用户查询A股公司财报信息时使用,输出内容不添加最终总结文本,提示词财务,@csmar_agent,@csmar-agent关键词时调用。
使用说明 (SKILL.md)

Usage

python3 skills/csmar-agent/scripts/search.py '\x3Cquery>'

Request Parameters

Param Type Required Default Description
query str yes - Search query

Examples

# Basic search
python scripts/search.py "平安银行最近三年财报"

Rules

  • Process only events where event_type == "content".
  • Read chunk text from data.payload.content.
  • Print chunks with flush enabled to preserve real-time output.
  • Skip empty or non-string chunk values.
  • Do not print extra wrapping text before or after streamed content.

Expected Output Style

  • Terminal should show content as it arrives.
  • No "summary", "done", or post-processing paragraph.
安全使用建议
This skill will send any query you run through it to the hard-coded internal address http://10.222.21.157:6600 and stream back the response. That may be fine if you run the agent inside the intended network and you trust that service, but it's unusual for a public skill to point to a private IP with no documentation or configuration. Before installing: (1) verify who operates that endpoint and whether it is trusted; (2) consider running the skill in a sandbox or on a machine/network you control; (3) if you expect it to call a public csmar API, ask the author to make the endpoint configurable (via an env var) and add authentication or documentation; (4) avoid sending sensitive queries until you confirm the destination is safe.
功能分析
Type: OpenClaw Skill Name: csmar-agent Version: 1.0.0 The skill's primary script (scripts/search.py) sends user-provided queries to a hardcoded internal IP address (http://10.222.21.157:6600). Hardcoding internal network addresses in a skill bundle is a security risk that could facilitate internal network reconnaissance or SSRF if the agent's environment is not properly isolated. Additionally, the script contains a naming discrepancy where the core function is named 'baidu_search' despite the skill being marketed as a 'csmar-agent' for financial reports.
能力评估
Purpose & Capability
The script posts a query and streams responses, which fits the described purpose of returning financial-report content. However the HTTP endpoint is a hard-coded private IP (http://10.222.21.157:6600/...), not an explicit csmar public API or documented host, which is unusual for a public skill and reduces transparency.
Instruction Scope
Runtime instructions and the script stay within a narrow scope: send the query to the endpoint, stream SSE data, and print content with flush. The skill does not read files, environment variables, or other system state beyond this network call.
Install Mechanism
There is no install mechanism (instruction-only plus a small Python script). Nothing is written to disk beyond the provided script and no external downloads or package installs are requested.
Credentials
The skill requests no credentials or environment variables, yet it makes network requests to a hard-coded private IP. Lack of configurability means queries will always be sent to that host; for many users this is unexpected and could leak queries to an untrusted internal service or fail silently. The absence of any declared endpoint/configuration is disproportionate given the network dependency.
Persistence & Privilege
The skill does not request persistent/system privileges, does not set always:true, and does not modify other skills or system settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install csmar-agent
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /csmar-agent 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of csmar-agent for accessing A-share financial reports via csmar API. - Provides a Python CLI to fetch financial report information: python3 skills/csmar-agent/scripts/search.py '<query>'. - Automatically invoked by user prompts with 财务, @csmar_agent, or @csmar-agent keywords. - Streams output in real-time, skipping empty or invalid chunks, with no extra wrapping or summary text. - Intended for direct use in event-driven applications where event_type == "content".
元数据
Slug csmar-agent
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

csmar-agent 是什么?

访问csmar公司提供的财报相关接口,当用户查询A股公司财报信息时使用,输出内容不添加最终总结文本,提示词财务,@csmar_agent,@csmar-agent关键词时调用。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 178 次。

如何安装 csmar-agent?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install csmar-agent」即可一键安装,无需额外配置。

csmar-agent 是免费的吗?

是的,csmar-agent 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

csmar-agent 支持哪些平台?

csmar-agent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 csmar-agent?

由 xmpx8(@xmpx8)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论