Local A-share analysis with Markdown/JSON reports, optional Feishu notifications, and optional iFinD enhancement.
Security Analysis
high confidenceThe skill's declared purpose (local A-share analysis using an LLM) matches what it requests and instructs; it runs a local Python module and optionally uses notification/enhancement API keys — nothing in the included files indicates covert or unrelated behavior.
Name/description, required binary (python3), and required primary env (OPENAI_API_KEY) align with an LLM-powered local analysis pipeline. The skill explicitly requires a local JusticePlutus repository to exist, which explains the minimal files included here.
SKILL.md and the shipped wrapper script consistently instruct running the local pipeline (sh .../run_analysis.sh -> python -m justice_plutus run ...). The instructions explicitly reference optional notification/enhancement flows and the optional env vars needed for them. This is expected, but running the local module will execute arbitrary code from the user's JusticePlutus repository and may perform network calls (search providers, iFinD, Feishu, Telegram) when corresponding keys are present.
No install spec; instruction-only with a small wrapper script. Nothing is downloaded or extracted by the skill bundle itself.
The skill declares OPENAI_API_KEY as the primary required credential, which is reasonable for LLM analysis. SKILL.md also lists numerous optional secrets (AIHUBMIX_KEY, GEMINI_API_KEY, IFIND_REFRESH_TOKEN, WENCAI_COOKIE, HSCLOUD_* tokens, FEISHU_WEBHOOK_URL, etc.) used only for optional enhancements. Those optional credentials are proportional to the optional features but should only be provided if the user intends to enable those enhancements.
always is false and the skill does not request system-wide changes or modify other skills. It only runs a local command and exports per-run environment variables when flags are used.
Guidance
This skill is internally consistent with its goal of running a local LLM-powered A-share analysis pipeline. Before installing or running: 1) ensure you have the actual JusticePlutus repository from a trusted source on the machine (the script runs python -m justice_plutus, which will execute that repository's code); 2) only provide the API keys/cookies you actually need (do not paste unrelated credentials); 3) review the JusticePlutus code (networking, webhook logic) if you plan to enable notifications or external enhancements; 4) consider running initial tests in a contained environment (VM or container) if you are unsure about the repository's provenance; and 5) note that optional features (iFinD, search providers, Feishu, Telegram) will cause network activity and require their own secrets.
Latest Release
v2.1.0
Add Feishu notification support details, iFinD enhancement docs, and local runner flags for notify/ifind/dry-run.
More by @etherstrings
Published by @etherstrings on ClawHub
