Actual AI CLI
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: actual Version: 0.1.0 The skill bundle is a legitimate companion for the 'actual' CLI, designed to manage Architecture Decision Records (ADRs) within project documentation. It includes a well-structured SKILL.md that enforces a safe 'dry-run before execute' workflow and a diagnostic script (scripts/diagnose.sh) that performs read-only environment checks without exposing sensitive API keys. No evidence of data exfiltration, malicious execution, or prompt injection was found; all capabilities are aligned with the stated purpose of generating and syncing ADR context.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A troubleshooting run could reveal API keys or other sensitive configuration values to the agent session or logs.
The script prints full config output and only redacts api_key lines containing specific token prefixes such as sk- or key-. API keys with other formats, such as Cursor keys or future provider formats, could be printed into the agent transcript despite the script claiming it never prints secrets.
config_output=$(actual config show 2>&1) || config_output="(could not read config)"
...
case "$line" in
*api_key*:*sk-*|*api_key*:*key-*)
field=$(echo "$line" | cut -d: -f1)
info "$field: [REDACTED]"
;;
*)
[ -n "$line" ] && info "$line"
;;Do not run the diagnostic script with real credentials until redaction is broadened to suppress all api_key fields regardless of value format, or confirm that the underlying CLI already masks secrets.
Incorrect or unwanted ADR guidance could persist in project instruction files and influence future agent work.
The skill’s intended output is persistent instruction files that future coding agents and Cursor may automatically consume. This is disclosed and purpose-aligned, but it can affect later agent behavior.
| claude-md | `CLAUDE.md` | `# Project Guidelines` | Claude Code (default) | | agents-md | `AGENTS.md` | `# Project Guidelines` | OpenCode and other agent tools | | cursor-rules | `.cursor/rules/actual-policies.mdc` | YAML frontmatter | Cursor IDE | ... `alwaysApply: true` ensures the policies are always active in Cursor.
Review generated CLAUDE.md, AGENTS.md, and Cursor rule changes before accepting them, especially when ADRs come from remote services or are AI-tailored.
If used casually, --force could update project guidance files without the user reviewing the exact changes first.
The CLI documents a no-confirmation mode for writing generated ADR guidance. This is purpose-aligned, but it removes the normal review checkpoints for changes to agent instruction files.
`--force` flag: Skips this confirmation and writes all files.
Prefer `actual adr-bot --dry-run` and normal confirmation prompts; reserve `--force` for trusted, reviewed workflows.
Installing or running the external CLI grants it access to the local project and configured provider credentials.
The skill relies on an external Actual CLI installed from package managers or releases. This is central to the stated purpose, but users are still trusting that external binary.
| npm/npx (quickest) | `npm install -g @actualai/actual` | | Homebrew (macOS/Linux) | `brew install actual-software/actual/actual` | | GitHub Release (manual) | Download from `actual-software/actual-releases` on GitHub |
Install Actual only from trusted official sources and keep it updated; verify the package or release source before use.