ZapYeti

Warn

Audited by ClawScan on May 10, 2026.

Overview

ZapYeti appears purpose-built for debt tracking, but its helper can use your API key to call broad financial, account, social, SimpleFin, and admin endpoints without built-in limits or confirmation.

Only use this skill if you trust ZapYeti and are comfortable giving the agent an API key. Before use, set clear rules that the agent must ask before any payment logging, debt edits, exports, SimpleFin sync/linking, social posting, API-key changes, admin actions, or account deletion.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent misinterprets a request or follows an unsafe instruction, it could change or delete ZapYeti account or financial data rather than only reading debt information.

Why it was flagged

The helper allows any HTTP method, API path, and optional JSON body to be sent with the user's API key, with no allowlist, confirmation gate, or protection around destructive endpoints.

Skill content

METHOD="${1:?Usage: zy_api.sh METHOD path [body]}"
...
PATH_ARG="${2:?Usage: zy_api.sh METHOD path [body]}"
...
curl "${CURL_ARGS[@]}" "${BASE_URL}${PATH_ARG}"

Recommendation

Add endpoint allowlists and require explicit user confirmation for POST, PUT, PATCH, DELETE, export, SimpleFin, social, admin, and account/API-key operations.

What this means

A key with broad permissions could let the agent access or mutate more of the user's ZapYeti account than the stated debt-tracking workflows require.

Why it was flagged

The skill requires a ZapYeti API key and explicitly points the agent at broad endpoint families, including admin and SimpleFin operations, without documenting least-privilege scopes or limiting what the key may be used for.

Skill content

Requires env: `ZAPYETI_API_KEY` ... See `references/api.md` for the full endpoint list including debts, payments, SimpleFin sync, social features, and admin endpoints.

Recommendation

Use a least-privilege or read-only API key if ZapYeti supports it, document the intended key scope, and block or separately approve admin, SimpleFin, account, and API-key management actions.