market-overview-dashboard

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow in references/data-queries.md requires the agent to execute shell commands to activate a specific Python virtual environment and run the views_runner.py script located in a sibling directory (../findata-toolkit-cn/).
  • [EXTERNAL_DOWNLOADS]: The skill performs environment setup by installing Python dependencies via pip targeting a requirements file in an external sibling directory.
  • [PROMPT_INJECTION]: The skill ingests untrusted market data from external financial platforms (AKShare, EastMoney). It lacks explicit boundary markers or sanitization steps for this data, creating a surface for indirect prompt injection where malicious instructions could theoretically be embedded in financial data fields. Capability inventory: shell command execution for data fetching and file system access for caching.
  • [CREDENTIALS_UNSAFE]: Documentation references the use of an environment variable XUEQIU_TOKEN for specific tool authentication. While no secrets are hardcoded in the skill, it is designed to interact with sensitive API credentials.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 03:23 AM