a-share-paper-trading

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the subprocess module in scripts/paper_trading_ctl.py and scripts/full_function_smoke_check.py to manage the trading service's lifecycle. These calls pass structured argument lists and avoid shell execution, so argument values are not interpreted by a shell.
  • [EXTERNAL_DOWNLOADS]: Market data is fetched from reputable financial platforms including Tencent and Sina via their public APIs. These are well-known and expected sources for the skill's stated purpose of financial simulation.
  • [SAFE]: The skill implements a persistence mechanism on macOS by creating a launchd agent in ~/Library/LaunchAgents/. This is a legitimate, documented feature of the paper_trading_ctl.py script intended to keep the simulation service running.
  • [SAFE]: The application follows best practices for data storage by placing its SQLite database and log files in standard user-level directories such as ~/Library/Application Support/ (macOS) or ${XDG_DATA_HOME} (Linux).
  • [SAFE]: The code uses parameterized SQL queries throughout scripts/paper_trading/engine.py, effectively preventing SQL injection vulnerabilities.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 03:20 PM