跳转到内容
Skills 学习中心

Financial Services:金融服务业 Claude 插件生态系统

一句话总结

Section titled “一句话总结”

financial-services 是 Anthropic 官方的金融服务业 Claude 插件生态——10 个端到端工作流 Agent、7 大垂直领域插件、50+ 专业技能、11 个 MCP 数据连接器,同一套源码同时支持 Cowork 插件和 Managed Agent API 两种部署方式。

核心能力

Section titled “核心能力”
  • 🏦 10 个命名 Agent(Pitch Agent、Market Researcher、GL Reconciler 等),覆盖投行、研报、PE、基金运营全流程
  • 📊 50+ 专业技能:DCF 估值、可比公司分析、LBO 模型、盈利分析、尽职调查清单等
  • 🔌 11 个 MCP 数据连接器:S&P Global、FactSet、Morningstar、LSEG、PitchBook 等
  • 🔄 “一套源码,两种部署”架构:Cowork 插件 ↔ Managed Agent API 共享同一系统提示
  • 🛠 完整的开发工具链:lint 检查、技能同步、版本管理、Agent 间 handoff 编排
  • 📋 30+ 斜杠命令:/comps/dcf/earnings/ic-memo 等金融专业人士的快捷入口

触发场景

Section titled “触发场景”

当用户需要进行金融分析(估值、建模、尽调)、投资银行交易材料制作(Pitch Book、CIM、Teaser)、研报撰写、PE 交易流程、财富管理、基金运营等金融业务时,对应的 skill 自动触发。

文件清单

Section titled “文件清单”

One-Line Summary

Section titled “One-Line Summary”

financial-services is Anthropic’s official Claude plugin ecosystem for the financial services industry — 10 end-to-end workflow agents, 7 vertical plugins, 50+ specialized skills, 11 MCP data connectors. One source deploys two ways: Cowork plugins and Managed Agent API.

Core Capabilities

Section titled “Core Capabilities”
  • 🏦 10 named agents (Pitch Agent, Market Researcher, GL Reconciler, etc.) covering IB, ER, PE, fund operations
  • 📊 50+ specialized skills: DCF valuation, comps analysis, LBO modeling, earnings analysis, DD checklists
  • 🔌 11 MCP data connectors: S&P Global, FactSet, Morningstar, LSEG, PitchBook, and more
  • 🔄 “One source, two deploys” architecture: Cowork plugin ↔ Managed Agent API sharing the same system prompt
  • 🛠 Complete dev toolchain: lint checking, skill syncing, version bumping, agent-to-agent handoff orchestration
  • 📋 30+ slash commands: /comps, /dcf, /earnings, /ic-memo and more

Trigger Scenarios

Section titled “Trigger Scenarios”

When users need financial analysis (valuation, modeling, due diligence), investment banking deal materials (pitch books, CIMs, teasers), equity research reports, PE deal workflows, wealth management, or fund operations, the corresponding skill fires automatically.

File Inventory

Section titled “File Inventory”
  • financial-services 362 files total
    • .gitignore
    • CLAUDE.md 开发者文档
    • LICENSE Apache 2.0
    • README.md 项目入口 · 完整架构说明
    • .claude-plugin
    • .github
    • .githooks
    • scripts 7 个开发工具脚本
    • claude-for-msft-365-install M365 插件管理工具
    • managed-agent-cookbooks 10 个 Agent · Managed Agent API 部署模板
    • plugins 插件核心目录
      • agent-plugins 10 个命名 Agent · 每个含 agents/.md + skills/
        • earnings-reviewer earnings-reviewer.md + 6 skills
          • agents
          • skills audit-xls · earnings-analysis · earnings-preview · model-update · morning-note · xlsx-author
        • gl-reconciler gl-reconciler.md + 4 skills
          • agents
          • skills audit-xls · break-trace · gl-recon · xlsx-author
        • kyc-screener kyc-screener.md + 3 skills
          • agents
          • skills kyc-doc-parse · kyc-rules · xlsx-author
        • market-researcher market-researcher.md + 5 skills
          • agents
          • skills competitive-analysis · comps-analysis · idea-generation · pptx-author · sector-overview
        • meeting-prep-agent meeting-prep-agent.md + 4 skills
          • agents
          • skills client-report · client-review · investment-proposal · pptx-author
        • model-builder model-builder.md + 6 skills
          • agents
          • skills 3-statement-model · audit-xls · comps-analysis · dcf-model · lbo-model · xlsx-author
        • month-end-closer month-end-closer.md + 5 skills
          • agents
          • skills accrual-schedule · audit-xls · roll-forward · variance-commentary · xlsx-author
        • pitch-agent pitch-agent.md + 12 skills
          • agents
          • skills 3-statement-model · audit-xls · comps-analysis · dcf-model · deck-refresh · ib-check-deck · lbo-model · pitch-deck · pptx-author · sector-overview · xlsx-author ...
        • statement-auditor statement-auditor.md + 3 skills
        • valuation-reviewer valuation-reviewer.md + 4 skills
          • agents
          • skills ic-memo · portfolio-monitoring · returns-analysis · xlsx-author
      • partner-built 合作伙伴插件
        • lseg LSEG · 8 commands + 8 skills
          • README.md
          • CONNECTORS.md
          • commands analyze-bond-basis · analyze-bond-rv · analyze-fx-carry · analyze-option-vol · analyze-swap-curve · macro-rates · research-equity · review-fi-portfolio
          • skills bond-futures-basis · bond-relative-value · equity-research · fixed-income-portfolio · fx-carry-trade · macro-rates-monitor · option-vol-analysis · swap-curve-strategy
        • spglobal S&P Global · 3 skills
          • README.md
          • skills earnings-preview-beta · funding-digest · tear-sheet
      • vertical-plugins 7 个垂直领域 · 技能源 + 命令
        • financial-analysis ⭐ 核心 · .mcp.json + 7 commands + 12 skills
          • commands 3-statement-model · competitive-analysis · comps · dcf · debug-model · lbo · ppt-template
          • skills 3-statement-model · audit-xls · clean-data-xls · competitive-analysis · comps-analysis · dcf-model · deck-refresh · ib-check-deck · lbo-model · ppt-template-creator · skill-creator · xlsx-author
          • .mcp.json 11 个 MCP 数据连接器配置
        • investment-banking 7 commands + 9 skills
          • commands buyer-list · cim · deal-tracker · merger-model · one-pager · process-letter · teaser
          • skills buyer-list · cim-builder · datapack-builder · deal-tracker · merger-model · pitch-deck · process-letter · strip-profile · teaser
        • equity-research 9 commands + 9 skills
          • commands catalysts · earnings · earnings-preview · initiate · model-update · morning-note · screen · sector · thesis
          • skills catalyst-calendar · earnings-analysis · earnings-preview · idea-generation · initiating-coverage · model-update · morning-note · sector-overview · thesis-tracker
        • private-equity 10 commands + 11 skills
          • commands ai-readiness · dd-checklist · dd-prep · ic-memo · portfolio · returns · screen-deal · source · unit-economics · value-creation
          • skills ai-readiness · dd-checklist · dd-meeting-prep · deal-screening · deal-sourcing · ic-memo · portfolio-monitoring · returns-analysis · unit-economics · value-creation-plan ...
        • wealth-management 6 commands + 6 skills
          • commands client-report · client-review · financial-plan · proposal · rebalance · tlh
          • skills client-report · client-review · financial-plan · investment-proposal · portfolio-rebalance · tax-loss-harvesting
        • fund-admin fund administration skills
        • operations 2 skills: kyc-doc-parse · kyc-rules

目录结构分析

Section titled “目录结构分析”

financial-services 是一个插件架构型项目,采用三层设计:

  1. 垂直插件层(vertical-plugins/):技能的”单一事实源”。7 个垂直领域各自携带专属技能和斜杠命令。financial-analysis 是核心插件,承载共享建模技能和全部 11 个 MCP 连接器。
  2. Agent 插件层(agent-plugins/):自包含的端到端工作流 Agent。每个 Agent 从垂直层”打包”所需技能到自己的 skills/ 目录,加上系统提示 agents/<slug>.md
  3. CMA 模板层(managed-agent-cookbooks/):将 Agent 转换为 Managed Agent API 可部署的 YAML 模板,每个 Agent 配有 3 个 depth-1 leaf-worker subagent。

核心设计决策:“同一源码,两个出口”——Cowork 插件和 Managed Agent API 引用同一份系统提示和技能,通过 agent.yamlsystem.file 字段指向 agent-plugins/ 下的内容。

SKILL.md 结构解析

Section titled “SKILL.md 结构解析”

每个技能 SKILL.md 遵循严格的指令式工作流模式。以 dcf-model 为例(~1263 行):

  • YAML Frontmattername + description(含触发条件和使用场景边界)
  • Critical Constraints:非协商性约束(Formula over hardcodes、分步验证、敏感性表格奇数行列要求)
  • 分步工作流:Data Retrieval → Revenue Projections → Margin Build → WACC → Terminal Value → Sensitivity Tables → Final Output
  • 环境适配:Office JS(Excel 内运行)vs Python/openpyxl(独立 .xlsx 生成),同一套原则适配两种 API

Directory Structure Analysis

Section titled “Directory Structure Analysis”

financial-services is a plugin-architecture project with a three-layer design:

  1. Vertical Plugins Layer (vertical-plugins/): The “single source of truth” for skills. 7 verticals each carry domain-specific skills and slash commands. financial-analysis is the core plugin carrying shared modeling skills and all 11 MCP connectors.
  2. Agent Plugins Layer (agent-plugins/): Self-contained end-to-end workflow agents. Each agent “bundles” required skills from the vertical layer into its own skills/ directory, plus a system prompt at agents/<slug>.md.
  3. CMA Template Layer (managed-agent-cookbooks/): Converts agents into Managed Agent API-deployable YAML templates, each with 3 depth-1 leaf-worker subagents.

Core design decision: “One source, two exits” — Cowork plugins and Managed Agent API reference the same system prompt and skills, with agent.yaml’s system.file field pointing to content under agent-plugins/.

SKILL.md Structure Analysis

Section titled “SKILL.md Structure Analysis”

Each skill SKILL.md follows a strict instructional workflow pattern. Taking dcf-model as an example (~1263 lines):

  • YAML Frontmatter: name + description (with trigger conditions and use-case boundaries)
  • Critical Constraints: Non-negotiable constraints (Formulas over hardcodes, step-by-step verification, odd-numbered sensitivity table rows/columns)
  • Step-by-step Workflow: Data Retrieval → Revenue Projections → Margin Build → WACC → Terminal Value → Sensitivity Tables → Final Output
  • Environment Adaptation: Office JS (inside Excel) vs Python/openpyxl (standalone .xlsx generation), same principles adapted for two APIs

模块关系

Section titled “模块关系”

核心关系链:vertical-plugins(技能源)→ sync-agent-skills.py(同步)→ agent-plugins(打包)→ agent.yaml(引用)→ Managed Agent API(部署)

每个 Agent 的 subagent 结构遵循流水线分工模式:上游读取(Reader)→ 中间处理(Builder/Modeler)→ 下游输出(Writer/Publisher),只给最后一级 subagent 写权限。

Module Relationships

Section titled “Module Relationships”

Core chain: vertical-plugins (skill source) → sync-agent-skills.py (sync) → agent-plugins (bundle) → agent.yaml (reference) → Managed Agent API (deploy)

Each agent’s subagent structure follows a pipeline division of labor pattern: upstream reading (Reader) → midstream processing (Builder/Modeler) → downstream output (Writer/Publisher), with write permission only for the last-stage subagent.

financial-services 模块关系图

graph TD
  VP[vertical-plugins/
7 个垂直领域] -->|技能源| SYNC[sync-agent-skills.py]
  SYNC -->|同步技能副本| AP[agent-plugins/
10 个命名 Agent]
  AP -->|system.file 引用| CMA[managed-agent-cookbooks/
agent.yaml + subagents]
  CMA -->|POST /v1/agents| DEPLOY[Managed Agent API]
  AP -->|加载为插件| COWORK[Claude Cowork]
  MP[marketplace.json] -->|注册 20 个插件| AP
  MP -->|注册 7 个垂直插件| VP
  MP -->|注册 2 个合作伙伴| PB[partner-built/]
  MCP[.mcp.json
11 个数据连接器] -->|提供数据| VP
  SCRIPTS[scripts/] -->|check.py 验证| VP
  SCRIPTS -->|check.py 验证| AP
  SCRIPTS -->|check.py 验证| CMA
  SCRIPTS -->|orchestrate.py 编排| DEPLOY
  VP -->|commands/
30+ 斜杠命令| COWORK

脚本全量清单

Section titled “脚本全量清单”
脚本语言行数复杂度功能
check.pyPython~195⭐⭐⭐⭐全仓库 Lint + 跨文件引用验证 + 技能漂移检测 + Git hooks 自安装
sync-agent-skills.pyPython~45⭐⭐将垂直层技能同步到所有 Agent 的打包副本
orchestrate.pyPython~90⭐⭐⭐⭐Agent 间 handoff 事件循环 · 参考实现
validate.pyPython⭐⭐⭐插件 manifest 格式校验
version_bump.pyPython⭐⭐⭐自动 patch 版本升级 · pre-commit hook + CI backstop
deploy-managed-agent.shBash⭐⭐⭐一键部署 Agent 到 Managed Agent API
test-cookbooks.shBash⭐⭐Cookbook 配置测试
ScriptLanguageLinesComplexityPurpose
check.pyPython~195⭐⭐⭐⭐Repo-wide lint + cross-file reference validation + skill drift detection + Git hooks self-install
sync-agent-skills.pyPython~45⭐⭐Sync vertical-layer skills to all agent bundled copies
orchestrate.pyPython~90⭐⭐⭐⭐Inter-agent handoff event loop · reference implementation
validate.pyPython⭐⭐⭐Plugin manifest format validation
version_bump.pyPython⭐⭐⭐Auto patch version bump · pre-commit hook + CI backstop
deploy-managed-agent.shBash⭐⭐⭐One-click deploy agent to Managed Agent API
test-cookbooks.shBash⭐⭐Cookbook config testing

check.py — 全仓库质量闸门

Section titled “check.py — 全仓库质量闸门”

check.py 是整个仓库的”提交前质量闸门”——它 lint 所有 YAML/JSON/markdown 文件,验证跨文件引用,检测 Agent 打包技能是否与垂直源漂移,并自安装 Git hooks。任何 check.py 失败都会阻止提交。

check.py is the “pre-commit quality gate” for the entire repo — it lints all YAML/JSON/markdown files, validates cross-file references, detects if agent-bundled skills have drifted from vertical sources, and self-installs Git hooks. Any check.py failure blocks commits.

check.py — 全仓库质量闸门 ↗ 源文件
1 #!/usr/bin/env python3 2 """Lint all plugin + managed-agent manifests and verify cross-file references.""" 3 4 # --- 1. YAML parse --- 5 for yml in sorted(MANAGED.rglob("*.yaml")): 6 checked += 1 7 yaml.safe_load(f) # 解析所有 agent.yaml / subagent yaml 8 9 # --- 2. JSON parse --- 10 for pat in json_globs: 11 for jf in sorted(ROOT.glob(pat)): 12 json.loads(jf.read_text()) # 验证 marketplace.json / plugin.json 13 14 # --- 3. agent.md frontmatter --- 15 for md in sorted(PLUGINS.glob("agent-plugins/*/agents/*.md")): 16 # 每个 agent.md 必须有有效的 YAML frontmatter + name + description 17 18 # --- 4. reference resolution --- 19 def check_refs(yml: Path) -> None: 20 # system.file → 目标文件必须存在 21 # skills[].path → 技能目录必须存在 22 # callable_agents[].manifest → subagent yaml 必须存在 23 24 # --- 4b. bundled-skill drift detection --- 25 cmp = filecmp.dircmp(src, bundled) 26 if cmp.diff_files or cmp.left_only or cmp.right_only: 27 err("drifted from source — run scripts/sync-agent-skills.py") 28 29 # --- 4c. agent.md references skills in its own bundle --- 30 # 确保 agent.md 中引用的技能名在 agent 自己的 skills/ 目录中 31 32 # --- 5. required files per managed-agent --- 33 for d in sorted(MANAGED.iterdir()): 34 for req in ("agent.yaml", "README.md", "steering-examples.json"): 35 if not (d / req).is_file(): 36 err("missing required file")
代码解读
L1 全仓库检查的入口点——所有提交前必须通过 L7 五步检查流水线:YAML → JSON → Frontmatter → 引用 → 完整性 L15 自安装 Git hooks(core.hooksPath → .githooks),零依赖模拟 Husky L20 核心校验:system.file / skills.path / callable_agents.manifest 必须可解析 L25 关键创新:用 filecmp.dircmp 检测打包技能与垂直源的漂移 L29 语义校验:agent.md 中引用的技能名必须在 agent 的 skills/ 中实际存在 L33 结构完整性:每个 managed-agent 目录必须有三个必需文件

sync-agent-skills.py — 技能同步引擎

Section titled “sync-agent-skills.py — 技能同步引擎”

sync-agent-skills.py 实现了 DRY 原则中关键的同步逻辑。技能只在垂直层编辑一次,这个脚本通过 shutil.copytree 将修改传播到所有打包该技能的 Agent。配合 check.py 的漂移检测,形成”编辑→同步→验证”的闭环。

sync-agent-skills.py implements the critical sync logic in the DRY principle. Skills are edited once in the vertical layer; this script propagates changes to all agents that bundle that skill via shutil.copytree. Together with check.py’s drift detection, it forms the “edit → sync → verify” loop.

sync-agent-skills.py — 技能同步引擎 ↗ 源文件
1 #!/usr/bin/env python3 2 """Re-sync each agent plugin's bundled skills from the vertical-plugin source.""" 3 4 ROOT = Path(__file__).resolve().parents[1] 5 AGENTS = ROOT / "plugins" / "agent-plugins" 6 VERTICALS = ROOT / "plugins" / "vertical-plugins" 7 8 # index every skill name -> source dir in verticals 9 src_by_name: dict[str, Path] = {} 10 for sk in VERTICALS.glob("*/skills/*"): 11 if sk.is_dir(): 12 src_by_name[sk.name] = sk 13 14 synced = 0 15 missing: list[str] = [] 16 for bundled in sorted(AGENTS.glob("*/skills/*")): 17 if not bundled.is_dir(): 18 continue 19 src = src_by_name.get(bundled.name) 20 if not src: 21 missing.append(str(bundled.relative_to(ROOT))) 22 continue 23 shutil.rmtree(bundled) 24 shutil.copytree(src, bundled) 25 synced += 1
代码解读
L6 建立索引:遍历所有垂直插件的 skills/,构建 name → 源目录 映射 L12 遍历每个 Agent 的打包技能,根据名称查找垂直源 L17 找不到源的报告为 WARN——说明这个技能没有在垂直层定义 L19 先 rmtree 删除旧副本,再 copytree 完整同步——确保完全一致 L21 简洁高效:仅 45 行,无外部依赖,纯标准库完成关键同步任务

orchestrate.py — Agent 间 Handoff 编排

Section titled “orchestrate.py — Agent 间 Handoff 编排”

orchestrate.py 是一个参考级的事件循环实现,展示如何在 Managed Agent 模式下处理 Agent 间的 handoff_request 事件。它包含三个安全层次:目标 Agent 白名单、JSON Schema 验证、正则提取。文档明确声明这是”参考实现”——生产环境应使用 Temporal/Airflow 等工作流引擎替代。

orchestrate.py is a reference-level event loop implementation showing how to handle handoff_request events between agents in Managed Agent mode. It contains three security layers: target agent allowlist, JSON Schema validation, and regex extraction. The documentation explicitly states this is a “reference implementation” — production should use Temporal/Airflow or similar workflow engines.

orchestrate.py — 安全的 Agent Handoff 事件循环 ↗ 源文件
1 ALLOWED_TARGETS = { 2 "pitch-agent", "market-researcher", "earnings-reviewer", 3 "meeting-prep-agent", "model-builder", "gl-reconciler", 4 "kyc-screener", "valuation-reviewer", "month-end-closer", 5 "statement-auditor", 6 } 7 8 HANDOFF_PAYLOAD_SCHEMA = { 9 "type": "object", 10 "additionalProperties": False, 11 "required": ["event"], 12 "properties": { 13 "event": {"type": "string", "maxLength": 2000}, 14 "context_ref": {"type": "string", "maxLength": 256, 15 "pattern": r"^[A-Za-z0-9 ._/:#-]+$"}, 16 }, 17 } 18 19 HANDOFF_RE = re.compile(r'{"type":s*"handoff_request".*?}', re.DOTALL) 20 21 def extract_handoff(text: str) -> dict | None: 22 m = HANDOFF_RE.search(text) 23 if not m: 24 return None 25 obj = json.loads(m.group(0)) 26 target = obj.get("target_agent") 27 payload = obj.get("payload") 28 if target not in ALLOWED_TARGETS: # ← 白名单检查 29 return None 30 jsonschema.validate(instance=payload, schema=HANDOFF_PAYLOAD_SCHEMA) 31 return {"target_agent": target, "payload": payload}
代码解读
L1 硬编码白名单:只有这 10 个 slug 可以作为 handoff 目标 L8 JSON Schema 约束:payload 只接受 event(≤2000字)和 context_ref(字母数字) L15 正则匹配从流文本中提取 handoff_request JSON blob L20 三层安全检查:JSON 解析 → 白名单匹配 → Schema 验证(additionalProperties 关闭) L24 安全注意事项:防止不可信文档中的注入攻击——攻击者可能嵌入伪造的 handoff L26 生产建议:使用 typed SSE 事件或专用 tool call,而非从模型输出文本中解析

设计亮点

Section titled “设计亮点”
  1. “一套源码,两种部署”架构:Cowork 插件和 Managed Agent API 共用同一份系统提示和技能文件。agent.yamlsystem.file 字段通过相对路径指向 agent-plugins/,消除了代码重复。
  2. DRY 技能管理 + 漂移检测:技能只在 vertical-plugins/ 中编辑,sync-agent-skills.py 传播到 Agent,check.pyfilecmp.dircmp 验证一致性——形成”编辑→同步→验证”的闭环。
  3. Subagent 最小权限原则:每个 Agent 的 3 个 subagent 采用流水线分工——Reader(只读)→ Processor(处理)→ Writer(唯一有写权限的 leaf),降低风险面。
  4. 安全 Handoff 协议orchestrate.py 实现了三层安全(白名单 + Schema + 正则),并提供安全威胁模型分析——明确指出不可信文档的注入攻击风险及缓解措施。
  5. 零依赖开发工具链check.py 自安装 Git hooks(无需 Husky/Node),version_bump.py 在 commit 和 CI 两层确保版本管理,纯标准库或轻量依赖。

可复用模式

Section titled “可复用模式”
模式描述适用场景
技能垂直分层vertical-plugins 是单一事实源,agent-plugins 打包副本。通过同步脚本 + 漂移检测保证一致性多产品/多 Agent 共享同一套技能库
双环境适配同一份 SKILL.md 包含 Office JS 和 Python/openpyxl 两套 API 示例,通过环境检测选择Skill 需要在不同运行时环境中工作
Formula-over-hardcode 约束SKILL.md 中明确标注 NON-NEGOTIABLE 的规则,配合具体代码示例说明正确和错误做法需要确保 AI 输出质量的关键规则
Subagent 流水线Reader → Processor → Writer 的三段式分工,仅最后一级有写权限多步骤端到端工作流的 Agent 设计
安全 Handoff 协议白名单 + JSON Schema + 正则的三层安全模型,附带威胁模型分析Agent 间需要安全传递控制权
插件市场清单marketplace.json 注册所有插件,支持从 GitHub URL 一键安装需要分发的多插件生态
PatternDescriptionUse Case
Vertical skill layeringvertical-plugins as single source of truth, agent-plugins as bundled copies. Sync script + drift detection ensures consistencyMultiple products/agents sharing the same skill library
Dual-environment adaptationSame SKILL.md includes both Office JS and Python/openpyxl API examples, selected by runtime detectionSkills that need to work in different runtime environments
Formula-over-hardcode constraintSKILL.md marks NON-NEGOTIABLE rules with concrete code examples showing correct vs. incorrect approachesCritical rules where AI output quality must be guaranteed
Subagent pipelineReader → Processor → Writer three-stage division, only last stage has write permissionMulti-step end-to-end workflow agent design
Secure handoff protocolAllowlist + JSON Schema + regex three-layer security model with threat model analysisSecure control transfer between agents
Plugin marketplace manifestmarketplace.json registers all plugins, supporting one-click install from GitHub URLMulti-plugin ecosystem for distribution

移植思路

Section titled “移植思路”

财务领域 → 你的领域:将 financial-analysis 替换为你的核心垂直插件(如 legal-contractsmedical-records),把 DCF/Comps/LBO 技能替换为你的领域专业方法。MCP 连接器换成你的数据源。Agent 命名(Pitch Agent → Case Builder)对应你的工作流。关键保留的部分:check.py 的引用校验逻辑、sync-agent-skills.py 的同步模式、agent.yamlsystem.file 引用方式。

常见坑

Section titled “常见坑”
  • ⚠️ 编辑 Agent 的打包技能副本而非垂直源:只能编辑 vertical-plugins/<vertical>/skills/<name>/,然后运行 sync-agent-skills.pycheck.py 会检测漂移并阻止提交。
  • ⚠️ SKILL.md 行数膨胀:财务主题本身复杂,但 dcf-model 的 1263 行中约 60% 是 Office JS 和 Python 的双份示例代码。如果技能只需支持一个环境,可以大幅缩减。
  • ⚠️ MCP 连接器依赖外部服务:11 个数据连接器都需要各自的 API key/订阅,本地开发时可能需要 mock。
  • ⚠️ Agent Subagent 的手工维护:每个 Agent 的 3 个 subagent 定义和对应的 YAML manifest 需要人工保持同步,目前没有自动化创建工具。

Design Highlights

Section titled “Design Highlights”
  1. “One source, two deploys” architecture: Cowork plugins and Managed Agent API share the same system prompt and skill files. agent.yaml’s system.file points to agent-plugins/ via relative path, eliminating code duplication.
  2. DRY skill management + drift detection: Skills edited only in vertical-plugins/, sync-agent-skills.py propagates to agents, check.py verifies consistency with filecmp.dircmp — forming the “edit → sync → verify” closed loop.
  3. Subagent least-privilege principle: Each agent’s 3 subagents use pipeline division — Reader (read-only) → Processor (transform) → Writer (sole write permission leaf), reducing attack surface.
  4. Secure handoff protocol: orchestrate.py implements three security layers (allowlist + Schema + regex) with threat model analysis — explicitly calling out injection risks from untrusted documents and mitigations.
  5. Zero-dependency dev toolchain: check.py self-installs Git hooks (no Husky/Node needed), version_bump.py ensures version management at both commit and CI layers, pure stdlib or lightweight deps.

Reusable Patterns

Section titled “Reusable Patterns”
PatternDescriptionUse Case
Vertical skill layeringvertical-plugins as single source of truth, agent-plugins as bundled copies. Sync script + drift detection ensures consistencyMultiple products/agents sharing the same skill library
Dual-environment adaptationSame SKILL.md includes both Office JS and Python/openpyxl API examples, selected by runtime detectionSkills that need to work in different runtime environments
Formula-over-hardcode constraintSKILL.md marks NON-NEGOTIABLE rules with concrete code examples showing correct vs. incorrect approachesCritical rules where AI output quality must be guaranteed
Subagent pipelineReader → Processor → Writer three-stage division, only last stage has write permissionMulti-step end-to-end workflow agent design
Secure handoff protocolAllowlist + JSON Schema + regex three-layer security model with threat model analysisSecure control transfer between agents
Plugin marketplace manifestmarketplace.json registers all plugins, supporting one-click install from GitHub URLMulti-plugin ecosystem for distribution
PatternDescriptionUse Case
Vertical skill layeringvertical-plugins as single source of truth, agent-plugins as bundled copies. Sync script + drift detection ensures consistencyMultiple products/agents sharing the same skill library
Dual-environment adaptationSame SKILL.md includes both Office JS and Python/openpyxl API examples, selected by runtime detectionSkills that need to work in different runtime environments
Formula-over-hardcode constraintSKILL.md marks NON-NEGOTIABLE rules with concrete code examples showing correct vs. incorrect approachesCritical rules where AI output quality must be guaranteed
Subagent pipelineReader → Processor → Writer three-stage division, only last stage has write permissionMulti-step end-to-end workflow agent design
Secure handoff protocolAllowlist + JSON Schema + regex three-layer security model with threat model analysisSecure control transfer between agents
Plugin marketplace manifestmarketplace.json registers all plugins, supporting one-click install from GitHub URLMulti-plugin ecosystem for distribution

Porting Guide

Section titled “Porting Guide”

Financial domain → Your domain: Replace financial-analysis with your core vertical plugin (e.g., legal-contracts, medical-records), swap DCF/Comps/LBO skills for your domain methods. Point MCP connectors at your data sources. Rename agents (Pitch Agent → Case Builder) to match your workflows. Key parts to preserve: check.py’s reference validation logic, sync-agent-skills.py’s sync pattern, agent.yaml’s system.file referencing approach.

Common Pitfalls

Section titled “Common Pitfalls”
  • ⚠️ Editing agent-bundled skill copies instead of vertical source: Only edit vertical-plugins/<vertical>/skills/<name>/, then run sync-agent-skills.py. check.py detects drift and blocks commits.
  • ⚠️ SKILL.md line count bloat: Financial topics are inherently complex, but ~60% of dcf-model’s 1263 lines are dual Office JS and Python examples. If your skill only needs one environment, you can drastically reduce.
  • ⚠️ MCP connectors depend on external services: All 11 data connectors require their own API keys/subscriptions; you may need mocks for local development.
  • ⚠️ Manual maintenance of agent subagents: Each agent’s 3 subagent definitions and corresponding YAML manifests need manual synchronization — there’s currently no automated creation tool.