Package Metadata

Author: —
Email: ClawQuant Team <[email protected]>
PyPI: agent-quant
Python: >=3.8
Versions: 58 releases
First release: 24 Apr 2026, 11:12 UTC
Analysed: 06 Jun 2026, 07:20 UTC
Source files: 62 .py files scanned

Project Links

Changelog Documentation Homepage Issues Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersIntended Audience :: Financial and Insurance IndustryOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.8Programming Language :: Python :: 3.9

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of potential misuse due to its use of shell commands and subprocess execution, along with obfuscation techniques that could be used for evading detection. While there is no clear evidence of malicious intent, the lack of detailed metadata and repository information raises concerns about its reliability.

Use of shell commands and subprocess execution
Potential obfuscation and code injection via pickle.loads

Per-check LLM notes

Network: No network calls detected, which is normal and doesn't indicate immediate risk.
Shell: The use of shell commands and subprocess execution may be legitimate for package functionality but requires further investigation to ensure it's not being used maliciously.
Obfuscation: The code uses pickle.loads which can be risky as it may execute arbitrary code, and the obfuscation patterns suggest potential evasion techniques.
Credentials: No direct evidence of credential harvesting is found in the provided code snippet.
Metadata: The package has red flags including a missing repository and author details, suggesting potential unreliability.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

onError("服务端断开连接") return pickle.loads(payload) class DBClient: """ 数据库客户端 - 与 DuckDBMana
return None return pickle.loads(payload) def _recv_exact(sock: socket.socket, n: int) -> O
return None return pickle.loads(payload) def _recv_exact(sock: socket.socket, n: int) -

⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

process = subprocess.Popen( [python_exe, '-m', db_service_module],
终端 process = subprocess.Popen( [python_exe, '-m', db_service_module],
占用端口的进程 result = subprocess.run( 'netstat -ano | findstr :9528',
try: subprocess.run(['taskkill', '/F', '/PID', pid], capture_output=True)
process = subprocess.Popen( [python_exe, '-m', 'agentquant.cli', 'gui'
p在后台运行 process = subprocess.Popen( [python_exe, '-m', 'agentquant.cli', 'gui'

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: example.com>

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 3.0

Repository not found (deleted or private)

Repository not found (deleted or private)

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-quant

Create a fully-functional mini-trading app using the 'agent-quant' package for the A-share stock market. This app will allow users to simulate quantitative trading strategies based on historical data. Here are the steps and features you should include:

1. **Setup Environment**: Ensure Python environment is set up with necessary libraries including 'agent-quant'. Install any dependencies required for data fetching and analysis.
2. **Data Fetching**: Implement a feature to fetch historical stock data from A-share market using 'agent-quant'. This could involve downloading data for specific tickers or indices over a defined period.
3. **Strategy Development**: Utilize 'agent-quant' to develop a simple quantitative trading strategy, such as moving average crossover or momentum-based trading. Users should be able to customize parameters like time periods for indicators.
4. **Backtesting**: Integrate backtesting functionality into your app. Use 'agent-quant' to run simulations of your trading strategy against historical data, providing metrics like return on investment, drawdown, and Sharpe ratio.
5. **Visualization**: Provide visualizations of trading signals and performance metrics. This could include charts showing price movements, trade entry/exit points, and overall strategy performance.
6. **User Interface**: Develop a simple user interface allowing users to input parameters for their trading strategy and view results. Consider using frameworks like Flask or Django for web-based UIs.
7. **Documentation**: Write comprehensive documentation detailing how to install the app, use its features, and understand the outputs. Include examples of how different strategies perform under various market conditions.

The goal is to create an educational tool that helps beginners understand the basics of quantitative trading while also providing advanced users with a sandbox to test out their ideas.