LongPort Quant Trader (房总版)

Name/description (LongPort quantitative trader) align with required binaries (python3), required env vars (LONGPORT_APP_KEY, LONGPORT_APP_SECRET, LONGPORT_ACCESS_TOKEN), and the included Python code which calls longport.openapi for market data and order submission.

The SKILL.md instructs typical setup steps (pip install longport, set env vars, run quant_monitor.py). Runtime code legitimately reads env vars, queries quotes, and submits orders. Note: multiple scripts persist state to /tmp (e.g., /tmp/auto_trade_state.json, /tmp/auto_trade_performance.json) and write logs (logs/quant_monitor.log) — expected for a trading bot but worth being aware of because these files hold trading state and should be protected.

Install spec only ensures python3 via Homebrew ([email protected]) which is reasonable. The README/SKILL.md also instructs pip installing third-party packages (longport, python-dotenv) but that pip install is not encoded in the install spec — it's a normal omission but means the environment must run pip to install dependencies before use.

Only LongPort API credentials are required (LONGPORT_APP_KEY, LONGPORT_APP_SECRET, LONGPORT_ACCESS_TOKEN), which are directly relevant. Optional Feishu webhook config is documented but not required. No unrelated tokens or high-privilege credentials are requested.

Skill is not always-enabled and uses normal agent invocation. It stores state and performance data to local files under /tmp and logs; it does not request or modify other skills or system-level configurations. This persistence is typical for a trading bot.