← 返回 Skills 市场

Opensanctions Watchlist

Name: Opensanctions Watchlist
Author: tangweigang-jpg

作者 Tang Weigang · GitHub ↗ · v0.3.2 · MIT-0

cross-platform ⚠ suspicious

109

总下载

当前安装

版本数

在 OpenClaw 中安装

/install opensanctions-watchlist

功能描述

OpenSanctions 黑名单合规筛查：国际制裁名单、PEP（政要）、高风险人物数据的抓取、去重、匹配与版本归档。适用于 KYC 和 AML 尽调。

安全使用建议

This bundle is internally inconsistent: it claims to be a sanctions/PEP watchlist but contains trading/backtest content and runtime steps that reference ZVT and shell/python commands. Before installing or invoking it: 1) Ask the publisher/source — where did this come from? 2) Inspect seed.yaml and SKILL.md yourself (they are bundled) to confirm intended behavior. 3) Do not run the included precondition commands (pip install zvt, zvt.init_dirs, or python3 -m zvt.*) on a production machine; use an isolated sandbox if you want to test. 4) Expect the skill to ask for external data-provider credentials at runtime even though none are declared — do not enter secrets until you verify necessity. 5) If you only need sanctions/PEP lookups, prefer a simpler, provenance-clear skill (or official OpenSanctions integrations) rather than this mixed bundle.

功能分析

Type: OpenClaw Skill Name: opensanctions-watchlist Version: 0.3.2 The skill bundle exhibits a major structural discrepancy between its stated purpose (OpenSanctions/KYC compliance) and its actual operational logic, which is almost entirely focused on quantitative stock trading using the ZVT framework. SKILL.md and seed.yaml contain 'Fatal' semantic locks (e.g., SL-01, SL-08) and architectural stages (trading_execution) that govern stock trading and MACD indicators, which are irrelevant to a sanctions watchlist. While no explicit evidence of data exfiltration or malicious execution (like reverse shells) was found, the mismatch suggests either a severely misconfigured bundle or a 'Frankenstein' template that could lead to unpredictable agent behavior when executing financial instructions.

能力标签

cryptorequires-walletrequires-sensitive-credentials

能力评估

⚠ Purpose & Capability

Name/description advertise OpenSanctions-style sanctions/PEP screening for KYC/AML, but SKILL.md and companion files contain many trading/backtest elements (ZVT, MACD parameters, trading semantic locks, 'trading_execution' in pipeline and human_summary focused on A-share quant flows). That mismatch suggests the bundle was merged or compiled with unrelated blueprints; the extra trading scope does not belong to a pure sanctions watchlist.

⚠ Instruction Scope

Although instruction-only (no code), SKILL.md and seed.yaml instruct the agent to reload seed.yaml, run preconditions that execute python commands, check ZVT_HOME, run zvt recorders, and possibly install packages (pip install zvt). These instructions reference filesystem paths, run shell/python commands, and require re-reading bundled files — actions beyond simple read-only sanctions lookups and not reflected in the declared requirements.

ℹ Install Mechanism

No install spec or binaries are declared (lowest install risk). However seed.yaml's execution_protocol mentions install recipes and preconditions that instruct pip installs and zvt init commands; the skill bundle itself contains large data (seed.yaml) that the agent is told to re-read. Lack of an explicit install spec is inconsistent with those instructions.

⚠ Credentials

Registry metadata lists no required env vars/credentials, yet runtime docs reference environment variables (ZVT_HOME) and ask the user to choose data providers (some of which require accounts/keys: joinquant, qmt). The skill may prompt for or rely on external credentials at runtime despite not declaring them up-front.

ℹ Persistence & Privilege

always:false and no special privileges are requested. Still, instructions include commands that create/modify user directories (~/.zvt), run pip installs, and require reloading seed.yaml; these can write to the host filesystem and install packages if followed, so exercise caution even though the skill isn't marked always:true.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install opensanctions-watchlist
安装完成后，直接呼叫该 Skill 的名称或使用 /opensanctions-watchlist 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.3.2

v0.3.2: inject bilingual metadata per naming spec. H1 now shows 制裁名单筛查 + slug; tagline and description replaced with CTO-authored copy (fixes tagline pollution for non-ZVT skills).

v0.3.1

Remove install.sh — knowledge-only bundle. Host AI consumes directly from URL; no user-side installation needed. Fixes ClawHub suspicious flag.

v0.3.0

Doramagic crystal portfolio v0.3.0. Full 5-layer bp-009 standard. github.com/tangweigang-jpg/doramagic-skills

元数据

Slug opensanctions-watchlist

版本 0.3.2

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

Opensanctions Watchlist 是什么？

OpenSanctions 黑名单合规筛查：国际制裁名单、PEP（政要）、高风险人物数据的抓取、去重、匹配与版本归档。适用于 KYC 和 AML 尽调。它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 109 次。

如何安装 Opensanctions Watchlist？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install opensanctions-watchlist」即可一键安装，无需额外配置。

Opensanctions Watchlist 是免费的吗？

是的，Opensanctions Watchlist 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Opensanctions Watchlist 支持哪些平台？

Opensanctions Watchlist 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Opensanctions Watchlist？

由 Tang Weigang（@tangweigang-jpg）开发并维护，当前版本 v0.3.2。