Skill v1.0.0
ClawScan security
US Tax Return Review-1040 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 8:36 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and included reference files are coherent with a Form 1040 review tool; it does not request credentials or unusual system access, but you should still treat input tax data as sensitive and inspect the full script before running it in production.
- Guidance: This skill appears to do what it says: analyze normalized Form 1040 data, compare to the included law file, and produce JSON/MD/DOCX reports. Before installing or running it: (1) inspect the complete scripts/review_1040.py for any network, subprocess, or file-access code you didn't expect (requests, urllib, socket, subprocess, os.exec, or writes outside the output directory); (2) run it on copies of data in an isolated environment because tax returns contain PII; (3) install python-docx from the official PyPI index (pip install --user python-docx) if you need DOCX output; (4) verify and, if necessary, update references/current_tax_law_2025.json to current authoritative IRS/SSA sources before making decisions; and (5) treat findings as advisory and have a licensed tax professional (CPA/EA) review any action items. If you want higher confidence, paste the rest of scripts/review_1040.py here (the file was truncated in the review) so I can check for hidden network or exfiltration behavior.
Review Dimensions
- Purpose & Capability (ok): Name/description (1040 review, multi-year consistency, DOCX risk report, audit-likelihood) align with the provided files: a Python script that performs checks and generates JSON/markdown/DOCX and law/reference JSON. Required libraries (python-docx) are appropriate for DOCX output. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): SKILL.md instructs the agent to run the included script against normalized input and the provided law JSON. The instructions reference only local files (input schema, law file, example returns) and producing local artifacts. There are no instructions to read unrelated system files or to transmit data externally in the SKILL.md. (Recommendation: review the full Python script for any hidden network/subprocess calls; the visible portion shows typical local-processing logic.)
- Install Mechanism (ok): There is no install spec; this is instruction+script only. The only runtime dependency called out is python-docx, which is a standard PyPI package and the README suggests installing via pip. No downloads from arbitrary URLs or archive extraction are present in the manifest or SKILL.md.
- Credentials (note): The skill requests no environment variables or credentials (proportionate). However, it is explicitly designed to process sensitive tax and PII data from returns. That makes safe handling a key concern even though no secrets are requested: the skill will read input files that may contain SSNs, financial data, etc., so processing should be done locally and securely.
- Persistence & Privilege (ok): No always:true flag, no install-time persistence, and no declared modifications to other skills or system-wide settings. The skill appears user-invocable only and does not request elevated/ongoing privileges.
