quote-invoice-workbench
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears coherent and benign, using a local helper script to draft quotes and invoices, with the main thing to watch being user-directed file output.
This looks safe to use for drafting quotes and invoices. Treat outputs as drafts, verify calculations, taxes, assumptions, and payment terms, and run the helper only on files and output paths you intend to use.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the helper is run with the wrong output path, it may replace a local JSON file with generated quote data.
The helper script writes calculated quote data to a user-selectable output path. This is purpose-aligned for generating draft artifacts, but it could overwrite an existing file if pointed at one.
ap.add_argument("--out", default="quote.json") ... json.dump(payload, open(args.out, "w", encoding="utf-8"), ensure_ascii=False, indent=2)Use an explicit, intended output filename and review the generated quote or invoice draft before sending or relying on it.