← 返回 Skills 市场
Strategy Workflow
作者
Dan Repaci
· GitHub ↗
· v0.1.0
497
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install strategy-workflow
功能描述
Comprehensive strategy development workflow from ideation to validation. Use when creating trading strategies, running backtests, parameter optimization, or...
安全使用建议
This skill's instructions expect system-level and network privileges (ssh/scp, tmux, process management, persistent state files, optional DB and vendor ingest) but the package declares none of the required credentials or binaries. Before installing or running: 1) Request the actual scripts referenced (start_swarm_watchdogs.sh, launch_parallel.sh, optimize_strategy.py, validation.py, etc.) and review them line-by-line — do not run blindly. 2) Require explicit declarations of required environment variables/keys (SSH private key, HOST/PORT, Vast.ai or cloud API keys, Postgres URL) and only provide them in isolated test environments. 3) Prefer running first in a sandboxed VM/container with no sensitive host mounts or network access. 4) Disable autonomous execution unless you can audit all control-plane code; run manually until you confirm intended behavior. 5) If you need this functionality, demand the skill author add explicit metadata (required env vars, binaries) and include or point to the referenced scripts and installation instructions. These inconsistencies justify caution — the workflow could be legitimate, but it currently asks for broad, implicit privileges without transparency.
功能分析
Type: OpenClaw Skill
Name: strategy-workflow
Version: 0.1.0
The skill bundle is classified as suspicious due to its extensive use of high-risk capabilities and sophisticated prompt injection techniques, even though the stated purpose is benign. Key indicators include explicit instructions for remote root access and execution via `scp` and `ssh` to `root@HOST` (SKILL.md, backtest-optimize.md), direct commands for data exfiltration to 'mac local machine & cloud' (references/strategy_generation.md), and the 'Autonomous Doctrine (Mandatory)' in backtest-optimize.md. This doctrine is a strong form of prompt injection, instructing the AI agent to operate with mandatory persistence, self-healing, and autonomous decision-making, which represents a significant vulnerability if the agent's directives were to be subverted.
能力评估
Purpose & Capability
The stated purpose (strategy development, backtests, distributed optimization) plausibly needs SSH, GPUs, tmux, python, and access to remote storage/DBs; those tools and credentials are referenced repeatedly in the instructions but are not declared in the registry metadata. It's plausible but the skill should have required env vars (SSH keys/host, Vast.ai/API creds, DB URL) and required binaries listed.
Instruction Scope
SKILL.md instructs the agent to run system-level scripts (start_swarm_watchdogs.sh, launch tmux loops), run pgrep/kill/relaunch logic, read/write many persistent state/log files under workspace/docs, scp/ssh to remote hosts, and ingest private docs — all of which grant broad read/write and network access. The instructions are prescriptive about autonomous, always-on remediation and continuous communication; that scope is large and not constrained to the stated purpose.
Install Mechanism
This is an instruction-only skill with no install spec or code files to execute. That reduces direct installation risk, but the runtime commands it tells the agent to run will invoke external scripts (which are not bundled) and system tools on the host.
Credentials
The skill declares no required env vars or primary credential, yet the workflow expects SSH/scp access (HOST/PORT), potential cloud provider credentials (Vast.ai or vendor APIs), and optional DB connection strings (Postgres RDBStorage). The absence of declared credentials is a mismatch and could lead an agent to request or use secrets ad-hoc.
Persistence & Privilege
Although registry flags do not force always-on inclusion, the skill's instructions push for always-on, autonomous watchdogs that persist state, auto-heal, and relaunch processes. That behavior would write persistent logs/state, modify system process state, and perform network operations — a high privilege footprint that should be explicitly declared and limited.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install strategy-workflow - 安装完成后,直接呼叫该 Skill 的名称或使用
/strategy-workflow触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
strategy-workflow 2.0.0 is a major upgrade providing an end-to-end quantitative trading strategy framework.
- Adds multi-GPU backtesting, Bayesian hyperparameter optimization with Optuna, and walk-forward validation support.
- Introduces watchdogs and a control plane for hardware/resource management and self-healing orchestration.
- Details new entry points for parallel and single-symbol workflows, including cloud deployment instructions.
- Expands documentation with step-by-step development guidance, pre-flight validation, parameter optimization, and guardrails.
- Enables automated tearsheet/report generation and multi-provider PAL MCP integration.
- Provides comprehensive implementation notes, references, and orchestration instructions.
元数据
常见问题
Strategy Workflow 是什么?
Comprehensive strategy development workflow from ideation to validation. Use when creating trading strategies, running backtests, parameter optimization, or... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 497 次。
如何安装 Strategy Workflow?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install strategy-workflow」即可一键安装,无需额外配置。
Strategy Workflow 是免费的吗?
是的,Strategy Workflow 完全免费(开源免费),可自由下载、安装和使用。
Strategy Workflow 支持哪些平台?
Strategy Workflow 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Strategy Workflow?
由 Dan Repaci(@ahuserious)开发并维护,当前版本 v0.1.0。
推荐 Skills