← 返回 Skills 市场
206
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install investment-brief-generator
功能描述
股票分析 AI 工具 | 智能投资简报生成器 - 自动生成个股分析报告、市场热点追踪、持仓监控。支持 A股/港股/美股,实时股价查询,技术分析,研报生成。一键生成专业 Markdown 投资报告。
使用说明 (SKILL.md)
智能投资简报生成器
基于 Tavily AI 搜索的股票投资分析工具,自动生成专业投资简报。
功能特点
- 🔍 AI 智能搜索 - 使用 Tavily API 获取实时股票数据和市场信息
- 📊 个股深度分析 - 自动生成包含价格、估值、技术形态的分析报告
- 🎯 持仓股监控 - 支持多只股票同时监控,自定义提醒价位
- 📄 专业简报输出 - 生成格式化的 Markdown 投资简报
- ⚡ 一键生成 - 简单命令即可获取完整分析报告
使用方法
生成个股分析报告
node {baseDir}/scripts/generate-brief.mjs --stock 002837 --name 英维克
生成市场热点简报
node {baseDir}/scripts/generate-brief.mjs --market
监控持仓股
node {baseDir}/scripts/generate-brief.mjs --portfolio
配置
需要设置 Tavily API Key:
export TAVILY_API_KEY=your_api_key_here
或在 OpenClaw 配置中添加:
{
"env": {
"vars": {
"TAVILY_API_KEY": "your_api_key_here"
}
}
}
输出示例
简报包含以下内容:
- 股票基本信息(价格、涨跌幅、成交量)
- 技术面分析(支撑/阻力位)
- 基本面亮点
- 市场情绪
- 操作建议
依赖
- Node.js 18+
- Tavily API Key
- OpenClaw 环境
License
MIT
安全使用建议
This skill appears to do what it claims: generate stock reports using Tavily. Before installing or running it, check that you (1) actually have a valid TAVILY_API_KEY and are comfortable providing it to the skill, (2) verify whether you have or want the dependent skill ~/.openclaw/skills/tavily-search/scripts/search.mjs — if that file is missing the tool will fail, and if it's present you should review it to ensure it doesn't perform unexpected network calls or exfiltrate data, (3) be aware the script uses child_process.execSync to run the search script with user-supplied queries; avoid passing untrusted/unsanitized input and consider running it in a sandboxed environment, and (4) confirm Node.js 18+ is used. If you want higher assurance, open and review the referenced tavily-search script (or replace the exec call with a direct API client) and test with a throwaway API key first.
功能分析
Type: OpenClaw Skill
Name: investment-brief-generator
Version: 1.0.1
The script `scripts/generate-brief.mjs` is vulnerable to shell injection because it passes unsanitized command-line arguments (`--stock` and `--name`) directly into a system command executed via `execSync`. While the tool's logic appears consistent with its stated purpose of generating investment reports, this flaw allows for arbitrary command execution if provided with malicious input. Additionally, the script relies on a hardcoded file path within the user's home directory (`.openclaw/skills/tavily-search/`) to execute a secondary dependency.
能力评估
Purpose & Capability
Name/description, required binary (node), and the single required env var (TAVILY_API_KEY) line up with a Tavily-backed stock briefing tool. The code uses Tavily credentials and Node.js only — nothing requests unrelated cloud credentials or surprising system access.
Instruction Scope
The runtime script invokes a separate script at ~/.openclaw/skills/tavily-search/scripts/search.mjs via child_process.execSync to perform searches. This is coherent if the author intended to reuse a local 'tavily-search' skill, but SKILL.md does not document this dependency. The use of execSync with a constructed command line (including user-provided query text) exposes potential command-line injection risks if inputs are not controlled; inputs are not explicitly sanitized in the script.
Install Mechanism
There is no install spec (instruction-only plus one JS script included). Nothing is downloaded from external URLs or written to nonstandard locations during install, which is low-risk from an install mechanism perspective.
Credentials
Only TAVILY_API_KEY is required and declared as the primary credential, which is proportional to the described functionality. The script does read HOME to locate another skill, but it does not request additional secrets or unrelated environment variables.
Persistence & Privilege
always is false and the skill does not attempt to alter other skills or system-wide configuration. It does execute a local script but does not request permanent presence or elevated platform privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install investment-brief-generator - 安装完成后,直接呼叫该 Skill 的名称或使用
/investment-brief-generator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Update: Improved documentation and examples
v1.0.0
初始版本:支持个股分析和市场简报生成,基于 Tavily AI 搜索
元数据
常见问题
智能投资简报生成器 是什么?
股票分析 AI 工具 | 智能投资简报生成器 - 自动生成个股分析报告、市场热点追踪、持仓监控。支持 A股/港股/美股,实时股价查询,技术分析,研报生成。一键生成专业 Markdown 投资报告。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 206 次。
如何安装 智能投资简报生成器?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install investment-brief-generator」即可一键安装,无需额外配置。
智能投资简报生成器 是免费的吗?
是的,智能投资简报生成器 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
智能投资简报生成器 支持哪些平台?
智能投资简报生成器 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 智能投资简报生成器?
由 ryan-wuxl(@ryan-wuxl)开发并维护,当前版本 v1.0.1。
推荐 Skills