← 返回 Skills 市场
152
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install stock-entry-analyzer
功能描述
多指标股票入场分析工具。基于乖离率 (BIAS) 为核心,结合均线/MACD/RSI/成交量/资金流/估值等 7 大类指标,综合判断股票或基金是否适合买入。使用 stock-price-query、stock-market-pro、eastmoney-tools 获取数据,输出检查清单和综合评分。当用户询问"XX...
安全使用建议
This skill implements the advertised stock-analysis logic, but it reads an EastMoney API key (EM_API_KEY) and directly accesses a vault file (/root/.openclaw/workspace/vault/credentials/eastmoney.json) while the registry metadata declares no required secrets. Before installing: 1) ask the publisher to declare EM_API_KEY (or other credentials) in the skill metadata and explain why vault access is needed; 2) review or sandbox the skill — it executes other skills' scripts from /root/.openclaw/workspace which could run arbitrary code, so verify those scripts (stock-price-query, mx-finance-data) are trustworthy; 3) ensure required Python packages (pandas, openpyxl) are available or explicitly listed; 4) if you keep secrets in a shared vault, consider restricting this skill's access or running it in an isolated environment; 5) if you can't verify the other skills or the vault contents, do not grant this skill access to your production agent.
功能分析
Type: OpenClaw Skill
Name: stock-entry-analyzer
Version: 3.0.0
The skill bundle implements a stock analysis tool that exhibits high-risk behaviors, specifically direct access to sensitive credential files in the OpenClaw vault (/root/.openclaw/workspace/vault/credentials/eastmoney.json) and the execution of external scripts via subprocess.run (found in analyze_stocks.py and analyze_stocks_v2.py). While these actions are plausibly aligned with the stated purpose of integrating multiple financial data sources (e.g., Eastmoney and Tencent), the practice of hardcoding paths to other skills and directly reading shared credentials represents a significant security risk within the agent environment. No clear evidence of intentional malice or data exfiltration was identified.
能力标签
能力评估
Purpose & Capability
The skill's behavior (calling stock-price-query, mx-finance-data and eastmoney-related code) is consistent with a stock analysis tool. However, the package/registry metadata declares no required environment variables or credentials while the code explicitly looks up EM_API_KEY and attempts to read /root/.openclaw/workspace/vault/credentials/eastmoney.json. The missing declaration of that secret is an incoherence and reduces transparency.
Instruction Scope
SKILL.md and scripts instruct the agent to run local scripts under /root/.openclaw/workspace/skills and to parse files produced by those scripts (Excel), which is expected for data fetching. But the runtime instructions (and code) also attempt to read a vault credentials file and environment variables that are not declared in the metadata. The instructions grant the skill broad discretion to call other on-disk skill scripts and read files in the workspace — this should be explicitly declared and justified.
Install Mechanism
There is no install spec (instruction-only) and code files are included. The scripts call subprocesses and use pandas/xls parsing, but the skill does not declare runtime dependencies (pandas). This is not inherently malicious but is a missing dependency declaration that may cause runtime failures or unexpected installs elsewhere.
Credentials
The code reads EM_API_KEY from the environment and falls back to reading /root/.openclaw/workspace/vault/credentials/eastmoney.json. The skill metadata lists no required env vars or primary credential. Requesting or reading vault files (which may contain other secrets) without declaring that need is disproportionate and reduces user control/consent.
Persistence & Privilege
always is false and the skill does not request forced inclusion or modify other skills' configuration. It does execute other skills' scripts and reads files in the workspace, but it does not appear to persist itself or elevate privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install stock-entry-analyzer - 安装完成后,直接呼叫该 Skill 的名称或使用
/stock-entry-analyzer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.0
重大修复:①使用 stock-price-query v1.1.4 混合数据源(港股实时)②三层 EMA20 获取策略(妙想真实数据→历史计算→改进估算)③统一乖离率公式 (price/ema20-1)*100 ④优化评分权重(乖离率 40 分)⑤港股 fallback 机制
v1.0.2
- 增加了“触发场景”说明,包括关键词智能触发和定时报告支持
- 删除 .clawhub/config.json 配置文件
- 精简和优化 Skill 描述,补充了定时任务与报告、持仓分析等使用场景
- 非核心功能和实现细节未变,输出模板与指标体系保持一致
v1.0.1
Initial release.
- 提供多指标股票/基金入场分析工具,结合乖离率(BIAS)、均线、MACD、RSI、成交量、主力资金流、估值等 7 大类指标综合判断买入时机
- 支持标准化输出模板(单只/多只标的均支持),清晰展示评分、信号明细及操作建议
- 集成 stock-price-query、stock-market-pro、eastmoney-tools 数据源
- 附带详细评分体系与脚本 calc_bias.py 用于乖离率计算
- 明确使用说明、注意事项及风险提示
v1.0.0
Initial release: 多指标股票入场分析工具,基于乖离率 (BIAS) 为核心,结合均线/MACD/RSI/成交量/资金流/估值等 7 大类指标综合评分
元数据
常见问题
Stock Entry Analyzer 是什么?
多指标股票入场分析工具。基于乖离率 (BIAS) 为核心,结合均线/MACD/RSI/成交量/资金流/估值等 7 大类指标,综合判断股票或基金是否适合买入。使用 stock-price-query、stock-market-pro、eastmoney-tools 获取数据,输出检查清单和综合评分。当用户询问"XX... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 152 次。
如何安装 Stock Entry Analyzer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install stock-entry-analyzer」即可一键安装,无需额外配置。
Stock Entry Analyzer 是免费的吗?
是的,Stock Entry Analyzer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Stock Entry Analyzer 支持哪些平台?
Stock Entry Analyzer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Stock Entry Analyzer?
由 LiuLi(@liuli4)开发并维护,当前版本 v3.0.0。
推荐 Skills