quantai-service

SUSPICIOUS. The skill’s quant-research purpose is coherent with writing plugins and fetching backtest artifacts, but its actual trust model is poor: all code and result exchange is routed through an unverifiable raw-IP service over plain HTTP. That creates high risk of code interception, tampering, and exfiltration of proprietary factor logic, even though there is no clear evidence of confirmed malware.