📦 Data — 数据
v0.8.2质量审计 对已完成CN banker交付物进行独立跨源审计。当用户要求审计/复核/双核实/交叉验证/数据质量检查/审计现有de...时使用。
0· 25·0 当前·0 累计
by 下载技能包
最后更新
2026/4/20
安全扫描
OpenClaw
安全
high confidenceThe skill's files, parser script, and runtime instructions are coherent with an independent cross-source audit purpose and do not request unrelated credentials or perform unexpected installs.
评估建议
This skill appears to do what it says: parse provenance tables, re-fetch the same metrics from independent market sources, apply sanity rules, and write an audit report. Before running it: 1) Ensure the agent/environment has the appropriate MCP connectors and API keys (Tushare, FMP, web_fetch, etc.) and that those credentials are minimal-scope and trusted. 2) Only run the audit on deliverable directories you expect it to read — it will parse and write files under that path (audit-report.md, audi...详细分析 ▾
✓ 用途与能力
The name/description match the provided SKILL.md, YAML rules, and the parser script: the skill parses a deliverable's data-provenance.md, re-fetches numbers from independent market connectors, applies sanity rules, and emits an audit report. It does not request unrelated environment variables or binaries. The only external dependency implied is access to the platform's MCP/web-fetch tools (expected for cross-source verification).
✓ 指令范围
SKILL.md explicitly instructs the agent to read <deliverable>/data-provenance.md, independently fetch values from other market sources, apply the rule set, write audit-report.md and audit-raw.json, and return a verdict. Those file reads/writes are coherent with the stated audit purpose. There are no instructions to read unrelated system files, to exfiltrate deliverable contents to unknown endpoints, or to access environment variables beyond what MCP fetchers may require.
✓ 安装机制
No install spec; this is instruction-only with one small helper script (a deterministic markdown parser). Nothing is downloaded or written to system paths by an installer. Risk from install mechanism is minimal.
ℹ 凭证需求
The skill declares no required env vars or credentials, which is proportionate. Note: real cross-source fetches (Tushare, FMP, vendor MCPs) typically require API keys or access configured on the agent platform; the SKILL.md assumes those MCP tools and creds exist but does not request them. This is reasonable but means the agent executing the skill must already have the necessary credentials (scope them appropriately).
✓ 持久化与权限
always:false and default model-invocation settings are normal. The skill does not request permanent presence or modify other skills. It reads and writes files inside the target deliverable directory only, which matches its purpose.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.8.22026/4/20
- Added new rule checks: restatement_aware, roe_definition_check, and price_basis_check (total rule set increased to 13). - Enhanced common-sense sanity checks to flag or fail suspect data based on updated rules. - Improved cross-source auditing workflow: enforces use of independent data sources for each number, flags unverifiable or unavailable second sources. - Audit report now provides clearer verdicts (PASS / FLAG / FAIL) and includes actionable next steps. - Documentation thoroughly explains audit logic, typical failure scenarios, and integration with other data verification steps.
● 无害
安装命令
点击复制官方npx clawhub@latest install data-quality-audit
镜像加速npx clawhub@latest install data-quality-audit --registry https://cn.longxiaskill.com