Skill v1.0.0
ClawScan security
DoctorClaw Invoice Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 11:00 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requested resources, and behavior are consistent with an invoice-tracking tool — it is instruction-only and does not ask for unrelated permissions or installs.
- Guidance: This is an instruction-only invoicing assistant and appears to do what it says. Before enabling or using it, be aware that: (1) it needs access to your invoice data (local file, Google Sheet, or accounting service) and, if you want it to send reminders, email or messaging account access — only grant OAuth tokens or API keys with least privilege; (2) the SKILL.md marks reminder emails as drafts which is good — avoid auto-send unless you explicitly approve; (3) if you store invoices in shared Google Sheets or chat channels, consider redacting or restricting sensitive fields (bank details, full card numbers); (4) using Telegram/Discord for delivery may expose invoice summaries in less-private channels — pick secure delivery; (5) because it's instruction-only, no code will be installed locally, but the agent will interact with external services you connect. If you need higher assurance, ask the publisher for details on how OAuth/tokens are handled and whether any logs are stored externally.
Review Dimensions
- Purpose & Capability (ok): The name/description match the SKILL.md: it reads invoice data, categorizes overdue items, drafts reminders, compiles digests, and optionally sends messages. Optional integrations (email, QuickBooks, Stripe, Telegram/Discord) are coherent with invoicing tasks.
- Instruction Scope (note): The instructions explicitly require reading an invoice list (CSV, Google Sheet, or accounting tool) and optionally writing back (logging reminders, updating status) and sending emails/alerts. These actions are within the stated purpose, but they entail accessing user data and external accounts — the skill correctly marks sends as DRAFT pending user approval.
- Install Mechanism (ok): No install spec or code files are present (instruction-only). Nothing will be downloaded or written to disk by an installer, minimizing supply-chain risk.
- Credentials (note): The skill metadata declares no required environment variables or credentials. Functionally, optional features (Gmail, QuickBooks, Stripe, Telegram/Discord) will require credentials or OAuth tokens if used. That is proportional to the optional features, but users should only provide the minimum-access tokens required by those services.
- Persistence & Privilege (ok): always is false and the skill is user-invocable; autonomous invocation is allowed (platform default) but not elevated. The skill does not request system-wide config or other skills' credentials.
