Skill v0.1.0

ClawScan security

Sap Journal Auditor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict
Benign · Mar 6, 2026, 4:05 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, runtime instructions, and requested privileges are coherent with its stated purpose: it parses uploaded SAP journal CSV/XLSX files, runs local audit checks, writes local reports, and does not request unrelated credentials or network access.
Guidance
This skill appears to do what it claims: it analyzes uploaded SAP journal CSV/XLSX files locally and returns an audit memo and a CSV of flagged lines. Before installing/running, consider:
1) Provenance: registry metadata lists an owner ID but no homepage; the code includes author and RadarRoster links (verify you trust the source).
2) Data handling: the skill writes audit_memo.md and flagged_entries.csv to disk and sends them back via the agent; those files contain sensitive financial data, so run in an environment you control and delete outputs when done.
3) Memory retention: the agent memory stores a small run summary (timestamp, entriesCount, findings, overallRisk, period) for the last 20 runs; if that is a concern, clear or disable skill memory or avoid persistent storage.
4) Optional npm packages: the tool can use optional npm modules for enhanced Excel support; review package.json/package-lock.json before running npm install and prefer the built-in (zero-dependency) mode if you need stricter controls.
5) Safety practice: run the included test suite locally (node tests/test.js) and, if possible, execute the skill in an isolated/test environment first.
Overall there are no red flags indicating unrelated credential access or network exfiltration in the provided files.

Review Dimensions

Purpose & Capability
ok
Name/description (SAP FI/CO journal auditor) align with the code and instructions: parser, auditor, reporter, exporter all operate on uploaded journal files. The optional attempts to require 'csv-parse' and 'xlsx' are reasonable (they fall back to built-in parsers) and match the stated 'zero-dependency' vs 'with npm' modes. No unrelated binaries, env vars, or cloud credentials are requested.
Instruction Scope
note
SKILL.md and instructions.md direct the agent to parse an uploaded file, run audit checks, generate a Markdown memo and a CSV of flagged entries, and return those files. The runtime handler reads the supplied file, writes audit_memo.md and flagged_entries.csv into the same directory, replies with text, and uses context.replyFile to send the generated files. This all falls within the skill's stated scope. Note: the skill persists lightweight run metadata (timestamp, counts, overallRisk) into context.memory; this is expected for tracking but does store some metadata about runs.
Install Mechanism
ok
There is no install specification in the registry metadata (instruction-only), though package.json and package-lock.json are present in the bundle. The code is written to work without external packages (zero-dependency CSV/XLSX fallbacks) and only optionally uses npm packages if present. No external download URLs or extract/install steps are present in the skill metadata.
Credentials
ok
The skill does not require environment variables, credentials, or special config paths. It only needs access to the uploaded file and to a writable directory for generated outputs. The one environment-like resource used is context.memory for storing audit run metadata; this is proportional, but users should be aware it records summary metadata (not raw file contents).
Persistence & Privilege
note
always: false (normal). The skill persists recent run metadata to the skill/agent memory (key: 'audit_runs', last 20 runs). This is legitimate for an auditing tool but could retain sensitive metadata (period, entries count, findings count, overallRisk). The skill also writes files (audit_memo.md, flagged_entries.csv) into the same directory as the input file; this is expected, but those files may contain sensitive financial data and should be handled accordingly.