Outside-Agent Integration Pack

The Public API Skills Pack

A fully distributable bundle of agent skills, prompt templates, a dependency-free API client, and schema contracts — everything a capable AI agent needs to integrate with the CoinQuant platform without guesswork.

Requires Python 3.11+

Zero third-party dependencies

Live-validated 2026-05-06

Production API: api.coinquant.ai

Download skills pack

coinquant-public-api-skills-pack-v1.tar.gz

Overview

Built for agents with brains

The CoinQuant Public API Skills Pack is designed around a single principle: deterministic API calls first, AI reasoning second. Rather than letting an agent improvise around undocumented behavior, this pack gives it verified schemas, classified response contracts, and explicit operating rules that govern every interaction with the platform.

The pack ships with ten skill documents covering every layer of the API surface — from JWT validation and credit budgeting to multi-step research workflows, robustness testing, and community leaderboard access. A dependency-free Python client and a live validation suite round out the bundle, so you can confirm your integration is working against the real API before committing to a production workflow.

Production endpoint

https://api.coinquant.ai

All skill scripts target this base URL by default.

Token lifetime

30 days · RS256 JWT

Generate in Settings → Service Accounts. Copy the one-time access_token and store it in token.json.

Pack contents

What's inside

The archive unpacks to a structured directory with four top-level folders. Skills are numbered in load order — an agent should ingest them sequentially before reasoning about any API interaction.

skills/00

Operating rules

Non-negotiable public-agent constraints and decision loop

skills/01

Auth & client setup

JWT validation, bearer token handling, TTL management

skills/02

Credits & budget gate

Balance checks, usage queries, pre-flight budget enforcement

skills/03

SSE response classifier

Deterministic chat / report / strategy event-type routing

skills/04

Research & backtest

L1 + L2 research workflow, strategy materialization, backtesting

skills/05

Community leaderboard

Templates, public backtests, leaderboard access patterns

skills/06

Capability discovery

Assets, timeframes, indicators, order types — live discovery

skills/07

Advanced robustness

Monte Carlo, walk-forward, parameter heatmaps, risk analysis

skills/08

Trader operating system

Hypothesis → strategy → backtest → optimize → decide

skills/09

User-directed strategist

Preserves asset class, indicators, thesis, and risk preferences

templates/

Prompt templates

7 ready-to-use templates: discovery, research, hypothesis, robustness, dual validation, decision

scripts/

API client + validator

Dependency-free cq_api_client.py and live validation suite

Dependency-free client JSON schema contracts Live validation suite Parameter sweep engine Python 3.11+ SSE streaming JWT / RS256

Quick start

Up and running in minutes

Unpack the archive, drop in your token, and validate the connection before any paid workflow.

Unpack and configure

Extract the archive and copy the example token file. Paste your one-time access_token from CoinQuant Settings → Service Accounts.

bash

tar xf coinquant-public-api-skills-pack-v1.tar.gz
cd coinquant-public-api-skills-pack
cp examples/token.example.json token.json
# edit token.json — paste your access_token value

Preflight checks

Verify Python version, syntax-check all scripts, and run the unit tests. No network connection required at this stage.

bash

python3 --version          # must be 3.11+
python3 -m py_compile scripts/*.py
python3 -m unittest discover -s tests -q

Validate token and check credits

Always validate the JWT before any paid or LLM work. Confirm your credit balance before running prompts or backtests.

bash

python3 scripts/cq_api_client.py --token-file token.json validate-token
python3 scripts/cq_api_client.py --token-file token.json credits

Send a test prompt

Confirm the full SSE pipeline is working end-to-end with a lightweight chat prompt before committing to research or strategy workflows.

bash

python3 scripts/cq_api_client.py --token-file token.json \
  prompt 'Reply in one sentence: hello CoinQuant.'

Run the live validation suite (optional)

The safe mode is read-only and free. Pass --paid or --backtest flags only when you're ready to consume credits and create artifacts.

bashread-only

python3 scripts/validate_live_pack.py --safe

Research workflow

The serious trader pipeline

For experienced users, the pack exposes a full research operating model that mirrors how a professional quant approaches strategy development — structured, evidence-driven, and resistant to overfit. Each phase uses the CoinQuant domain expert and public backtester as authoritative sources rather than relying on the agent’s own inferences.

Report mode first. Always run a domain-expert report before and after backtesting. Classify all SSE responses by event type — never infer response type from the content of your prompt alone.

Capability discovery

Ask the CoinQuant LLM which assets, timeframes, indicators, order types, and fee/slippage parameters are supported. Do not brute-force feature probes.

Clean-slate research

Generate a market/research report first. Extract hypotheses from the report before creating any strategy schema.

Strategy materialization & backtest

Materialize the strategy schema to a real strategy_version_id, then run an accurate CoinQuant backtest. Never synthesize IDs.

Robustness testing

Request domain-expert code execution for Monte Carlo simulation, walk-forward analysis, bootstrap, fee/slippage stress, and parameter heatmaps.

Evidence-based decision

Continue, reject, or redesign based on sample size, robustness scores, and remaining budget. Use the included trader decision template to structure the final output.

Advanced usage

Parameter sweep engine

The pack includes a first-class sweep command that automates the full cycle: token validation, credit snapshot, base strategy generation, finalization, backtest, and per-variant exploration. Each run produces a manifest.json, sanitized per-step JSON artifacts, schema-diff summaries, and a summary.md.

bash · parameter sweep

python3 scripts/cq_api_client.py sweep \
  --config     examples/xrp_sweep.example.json \
  --output-dir ./evidence/xrp-sweep \
  --max-credits 5000

Budget guard. The --max-credits flag stops between runs using the observed credit delta, but a single in-flight prompt or backtest can consume credits before the guard triggers. Use small first-pass sweeps on tight budgets and prefer --dry-run to verify config before spending.

Validation status

Live-verified behavior

This pack was validated against the production API on 2026-05-06. The findings below reflect observed runtime behavior, not documentation assumptions. Agents loading this pack should treat these as ground truth until a newer validation run supersedes them.

✓ JWT minted by frontend: @@PROTECT0@@, @@PROTECT1@@, TTL 30 days.

✓ @@PROTECT2@@, @@PROTECT3@@, @@PROTECT4@@, and @@PROTECT5@@ all responded correctly.

✓ Chat and market report prompts streamed as @@PROTECT6@@ SSE events. Classifying by event type (not prompt intent) is mandatory.

✓ Backtesting an existing @@PROTECT7@@ worked end-to-end: submit 200 → poll completed → results 200 → CSV exports 200.

✓ Community leaderboards and backtests with @@PROTECT8@@ worked. Invalid @@PROTECT9@@ values returned 422 as expected.

! Strategy-generation prompts returned SSE @@PROTECT10@@ with @@PROTECT11@@ at validation time. The pack handles this deterministically — it stops rather than synthesizing strategy IDs.

Security

Token handling

The pack uses a token.json file pattern rather than shell arguments or environment variables by default. Token files are listed in .gitignore and keep JWTs out of shell history, process listings, and chat logs. Environment variables remain supported for controlled automation contexts where secrets are managed externally.

If a token has expired, the client will not proceed to any paid or LLM work — it will stop and instruct you to regenerate a key in the CoinQuant frontend. Never pass raw JWTs as positional arguments to shell commands.

Supported Elements

Changelog