Skills
skills/jsoncodechina/wind-skills/wind-quote-skill/Gen Agent Trust Hub

wind-quote-skill

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the official Wind API endpoint at https://mcp.wind.com.cn. This connection is used to retrieve tool schemas and financial market data (quotes, K-line, sector members), which is the intended purpose of the skill.
  • [COMMAND_EXECUTION]: The skill utilizes a Node.js CLI script (scripts/cli.mjs) to perform network requests and manage a local cache of tool definitions. It uses standard Node.js APIs for file system access and network communication.
  • [CREDENTIALS_UNSAFE]: The skill manages a WIND_API_KEY used for authenticating with the Wind service. It follows a standard hierarchy for secret management (Environment variable > local config > global config) and documents the security best practice of storing keys in a user-protected directory (~/.wind-aimarket/).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 08:43 AM