v1.0.0

Finops Report

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:13 AM.

Analysis

This instruction-only skill is coherent for generating AWS cost reports, with only a minor note that it declares bash availability without specific command limits.

GuidanceThis appears safe to install as a reporting prompt. Use it with the specific AWS billing, budget, and team-mapping data you intend to analyze, and avoid granting broad local or AWS account access unless you have reviewed the exact action being taken.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

tools: claude, bash

The skill makes a shell tool available, but the rest of the artifact only describes report generation and does not specify commands, privileged operations, or automatic execution.

User impactIf the agent chooses to use bash while preparing the report, it could potentially read or process local files unless the user keeps the task scoped.

RecommendationOnly provide the intended AWS billing or budget exports, and review any proposed shell commands before allowing them to run.