v1.0.0

Receipt Subscription Cleaner

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:29 AM.

Analysis

This read-only receipt-audit skill is coherent and includes privacy guardrails, but users should remember it may handle sensitive receipt or email data.

Guidance

This skill appears safe for a read-only subscription audit. Before installing or using it, limit the receipts or exports you provide, prefer offline files over account connections, use read-only scopes for any optional integration, and confirm that cancellation messages are only drafted rather than sent.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
references/auth.md
If API access is explicitly requested, use read-only scopes only.

The skill may use delegated email or API access when the user explicitly asks, which is sensitive account authority even though it is purpose-aligned and limited to read-only scopes.

User impact: If enabled, the skill could read receipt-related account or email data through an integration.
Recommendation: Prefer offline exports when possible; if connecting an account, grant only read-only, receipt-specific access and revoke it after the audit.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
Receipt sources (email export, PDF folder, or CSV list).

The main inputs can contain sensitive financial, address, and purchase-history information; the skill acknowledges this with local-storage and redaction guidance.

User impact: Receipts and email exports may reveal personal spending patterns, addresses, partial card details, and subscription history.
Recommendation: Provide only the files and time window needed for the audit, and review outputs to ensure sensitive fields are redacted.

Insecure Inter-Agent Communication
Severity: Info | Confidence: Medium | Status: Note
references/webhooks.md
Optional: trigger when a new receipt arrives. Payload should include sender, subject, date, and attachment reference.

Optional webhook-style receipt triggers introduce an inbound data flow containing email metadata and attachment references; the artifact also says to treat inbound data as untrusted.

User impact: If webhook automation is configured, receipt metadata could be passed into the workflow automatically.
Recommendation: Only enable webhook triggers from trusted sources, keep payloads minimal, and verify that inbound receipt data is sanitized before use.