← 返回 Skills 市场
PeerBerry SDK
作者
FortressQuant
· GitHub ↗
· v1.0.0
· MIT-0
248
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install peerberry-sdk
功能描述
Use this skill when assisting with FortressQuant's peerberry-sdk for PeerBerry investor automation, P2P lending education, and alternative-investment onboard...
安全使用建议
This skill appears to be documentation and runtime guidance for a PeerBerry Python SDK, but the bundle does not include the actual SDK implementation (no src/ package files were provided) and the packaging metadata/versioning is inconsistent. Before installing or using it:
- Do not paste credentials into any public chat. Use local, private execution.
- Verify the true source of the package you will install (pip install peerberry-sdk): check PyPI and the GitHub repo referenced in pyproject.toml to ensure you are installing the intended project and version. Confirm author/maintainer identity and read the package code before installing.
- Prefer installing into an isolated virtual environment. Inspect the installed package contents (site-packages) after install.
- If you plan to run purchase/automation flows, keep DRY_RUN enabled initially and set conservative MAX_ORDERS; test read-only flows first.
- The docs allow pointing the SDK at a header profile JSON file (header_profile_path / peerberry_sdk_HEADER_PROFILE). Only use that with files you control; do not point it at system files or shared secrets.
What would raise confidence to benign: the skill including the actual src/ implementation, a matching package version and a trusted homepage/repository, or an explicit install spec that points to a verified release artifact (e.g., a GitHub release tarball from the disclosed repo). If you want, I can check PyPI/GitHub for 'peerberry-sdk' and compare the package contents and maintainers to what this skill claims.
功能分析
Type: OpenClaw Skill
Name: peerberry-sdk
Version: 1.0.0
The peerberry-sdk skill bundle is a well-documented tool for interacting with the PeerBerry P2P lending platform. The provided files consist of comprehensive documentation, AI agent instructions (SKILL.md), and documentation generation scripts (docs/gen_api.py, docs/gen_client_reference.py). The SKILL.md and reference files (task-recipes.md, api-quickref.md) are specifically designed to guide the AI agent toward safe operations, explicitly mandating safety guards like DRY_RUN modes, order caps (MAX_ORDERS), and read-only initializations for financial transactions. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; the logic is entirely consistent with the stated purpose of providing a programmable interface for investor automation.
能力评估
Purpose & Capability
The SKILL.md, README, and docs consistently describe a PeerBerry Python SDK and methods for read-only and purchase flows — that purpose matches the skill name and description. However, the distributed bundle lacks the package source under src/ (the pyproject exists but the src package files are not present in the manifest), and pyproject.toml declares version 2.0.0 while the registry metadata shows version 1.0.0. This mismatch is an incoherence: the skill expects users to pip-install 'peerberry-sdk' rather than providing the SDK code inline.
Instruction Scope
Instructions are narrowly scoped to PeerBerry account operations (auth, read-only calls, guarded purchase flows). They instruct passing credentials (email/password/tfa_secret) to the SDK (expected). They also document header profile options that accept a filesystem path or env var (peerberry_sdk_HEADER_PROFILE=/path/to/profile.json), which means the SDK can be pointed at arbitrary local JSON files for header injection — this is functionally reasonable but increases the surface for misuse if a user points it at sensitive files. The docs reference tests/.env with PEERBERRY_USERNAME etc., but the skill metadata declares no required env vars — not a direct vulnerability but an inconsistency to note.
Install Mechanism
There is no install spec for the skill bundle; the docs instruct users to pip install 'peerberry-sdk'. Because the skill does not include the package implementation (no src/ package files in the manifest), the runtime flow implicitly depends on fetching an external package (PyPI/GitHub). That is a significant coherence gap: an agent using this skill would likely recommend installing an external package whose provenance must be verified. The pyproject lists a dependency on 'cloudscraper', which is plausible but worth verifying. No downloaded URLs or extract steps are included in the skill itself.
Credentials
The skill declares no required environment variables (metadata shows none), which matches the bundle. The SDK documentation expects credentials (email/password/tfa_secret/access_token) to be supplied by the caller — that is expected for an API client. The header_profile_path and peerberry_sdk_HEADER_PROFILE options allow the SDK to read a local JSON file; this capability is reasonable for custom headers but could be abused to load secrets from arbitrary paths if misconfigured. No unrelated credentials (AWS keys, unrelated tokens) are requested.
Persistence & Privilege
The skill does not request persistent/always-loaded privileges (always:false). It contains no install script that would write to system-wide config. The agent would run normally and can autonomously invoke the skill (disable-model-invocation is false), which is the platform default; this is not an additional red flag by itself.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install peerberry-sdk - 安装完成后,直接呼叫该 Skill 的名称或使用
/peerberry-sdk触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of peerberry-sdk skill.
- Provides guidance for using peerberry-sdk in PeerBerry investor automation, P2P lending education, and alternative investment onboarding.
- Supports authentication setup, portfolio and loan retrieval, filtering, purchase automation, risk-aware explanation, and SDK debugging.
- Includes quick start code examples for both read-only and safe-investment actions.
- Outlines request classification for educational, analytics, automation, and debugging scenarios.
- Documents key SDK methods, safety practices, known quirks, and references for deeper usage and troubleshooting.
- Links to official repository, documentation, and maintenance guidelines.
元数据
常见问题
PeerBerry SDK 是什么?
Use this skill when assisting with FortressQuant's peerberry-sdk for PeerBerry investor automation, P2P lending education, and alternative-investment onboard... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 248 次。
如何安装 PeerBerry SDK?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install peerberry-sdk」即可一键安装,无需额外配置。
PeerBerry SDK 是免费的吗?
是的,PeerBerry SDK 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
PeerBerry SDK 支持哪些平台?
PeerBerry SDK 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 PeerBerry SDK?
由 FortressQuant(@fortressquant)开发并维护,当前版本 v1.0.0。
推荐 Skills