Invoice Generator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent invoice-writing skill, but users should notice that it may save and reuse business, client, payment, and invoice-history details.
This skill appears safe and purpose-aligned as an instruction-only invoice generator. Before installing, be aware that it may save invoice records and reusable business details locally; review totals, due dates, and payment details before sending any generated invoice.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may create or update local invoice files containing business, client, and payment information.
The skill directs the agent to create invoice files locally. This is purpose-aligned for an invoice generator and scoped to an invoices directory, but users should be aware of local file creation.
Save invoices to an `invoices/` directory for record-keeping
Keep the invoices directory in a location you control, review generated files before sending them, and avoid overwriting or storing sensitive payment details unless needed.
Stored or reused invoice details could include client names, addresses, payment methods, invoice amounts, and business contact information.
The skill asks to retain reusable business information and later reuse prior details, which is useful for recurring invoices but creates persistent context containing business data.
Your business info: Name, address, email, phone (save for reuse)
Confirm what information is being reused, update stale details before generating new invoices, and avoid including sensitive banking information unless you are comfortable storing it with the invoices.