v1.0.0

Accounting Assistant

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:34 AM.

Analysis

Review before use: several default workflows can create accounting, tax, or invoice documents using hard-coded sample company data, and one documented DATEV command can overwrite the supposed input file.

Guidance: Install only if you are prepared to inspect and modify the scripts first. Do not use the default EÜR, DATEV, or invoice outputs for real bookkeeping or tax work until the hard-coded sample company data is removed, the DATEV CLI is corrected, overwrite protections are added, and dependencies such as pdftotext/fpdf are clearly installed from trusted sources.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
datev-export.py
if len(sys.argv) > 1:
    output_path = sys.argv[1]
    result = buchungen_to_datev(test_buchungen, output_path)

The script writes hard-coded test bookings to the first CLI argument. SKILL.md documents `python3 datev-export.py buchungen.json export.csv`, so following the documented command would treat `buchungen.json` as the output path and overwrite the supposed input file.

User impact: A user could lose or corrupt bookkeeping data and receive a DATEV export based on demo transactions rather than their own records.
Recommendation: Do not run the documented DATEV command as-is. The CLI should be fixed to accept an input file and a separate output file, refuse to overwrite existing files without confirmation, and avoid hard-coded test data in production paths.
Human-Agent Trust Exploitation
Severity: High | Confidence: High | Status: Concern
eur-erstellung.py
eur = EUErstellung(2024, "Merlin Krischnah Media")
eur.add_einnahme('YouTube AdSense', '2024-06', 1766.51, 'Monatseinnahmen Juni')
...
print(eur.generate_report('markdown'))

The default executable path generates an EÜR report for a named sample business with hard-coded income and expense amounts, while SKILL.md presents EÜR creation as an automated accounting feature.

User impact: A user could mistake a demo tax/accounting report for their own EÜR, which is risky for tax preparation and business records.
Recommendation: Require explicit user data input for EÜR generation, label demo output clearly, and prevent default production-looking reports from being generated from sample data.
Human-Agent Trust Exploitation
Severity: High | Confidence: High | Status: Concern
rechnungs-generator-v2.py
'name': 'Merlin Krischnah Media UG',
'email': 'hello@mk-media.eu',
'bank': {
    'name': 'N26',
    'iban': 'DE89 3704 0044 0532 0130 00'

The invoice generator contains fixed company identity, contact, tax, and bank-payment details rather than requiring the installing user’s own business profile.

User impact: Invoices generated by the skill could contain another entity’s identity or bank details, creating legal, payment, and trust problems.
Recommendation: Remove hard-coded real or placeholder business identities from defaults, require a user-configured company profile, and clearly mark any examples as non-production samples.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
beleg-analyse.py
for root, dirs, files in os.walk(ordner_path):
    for file in files:
        if file.lower().endswith('.pdf'):
            pdf_path = os.path.join(root, file)

The receipt analyzer can recursively process every PDF under a user-supplied directory. This is relevant to its accounting purpose, but the scope can be broad if the user points it at a large or private folder.

User impact: The tool may print extracted financial information, text previews, and file paths for many PDFs in the selected directory.
Recommendation: Run it only on a narrow folder containing the receipts you intend to analyze, and review console output before sharing it.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
beleg-analyse.py
subprocess.run(
    ['pdftotext', '-layout', pdf_path, '-'],

The code depends on the external `pdftotext` binary, while the registry metadata declares no required binaries and there is no install spec.

User impact: Users may have an incomplete or inconsistent setup and may need to install undeclared local tools before the skill works.
Recommendation: Declare required binaries and Python packages in the skill metadata or install instructions, and pin or document dependency sources.