Bank Statement Converter
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone running the documented commands with this key can act against the bank statement converter account, including viewing user/credit information and consuming conversion credits.
The skill expects a provider API key even though registry metadata lists no required environment variables or primary credential; this is purpose-aligned but should be visible to users.
### Requirements BANKSTATEMENT_API_KEY ... export BANKSTATEMENT_API_KEY="your-api-key-here"
Only set the API key if you trust the provider, keep it secret, and revoke or rotate it if it is exposed or no longer needed.
Sensitive financial documents and document passwords will be transmitted to the external service as part of normal use.
The skill sends bank statement PDFs, and potentially PDF passwords, to an external API endpoint for processing.
-F "file=@/path/to/your/bankstatement.pdf" \ https://api2.bankstatementconverter.com/api/v1/BankStatement ... "password": "yourpdfpassword" ... /setPassword
Use this only for documents you are comfortable sending to that provider, review the provider’s privacy and retention terms, and avoid uploading unrelated sensitive files.