QuickBooks Direct

Type: OpenClaw Skill Name: quickbooks-direct Version: 1.0.1 The skill is classified as suspicious primarily due to the plaintext storage of highly sensitive credentials (Client Secret, Access Token, Refresh Token) in `config.json`. While the `run.js` code itself does not exhibit malicious behavior like exfiltration to unauthorized endpoints, this local storage method creates a critical vulnerability if the host system is compromised. Additionally, the `qb_query` tool in `run.js` directly exposes QuickBooks's SQL-like query language, which could be an injection vector if the upstream API is vulnerable. However, the extensive documentation in `SKILL.md`, `README.md`, and `SECURITY.md` explicitly warns about these risks and provides detailed mitigation steps, indicating awareness of vulnerabilities rather than malicious intent.