Skill v1.0.1

ClawScan security

fintech-engineer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:43 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only fintech engineering guideline whose declared purpose, runtime instructions, and lack of installs or credential requests are internally consistent.
Guidance
This SKILL is a high-level fintech engineering playbook and appears coherent and low-risk because it neither installs code nor requests credentials. Before enabling it in a production or high-privilege agent, verify its provenance (author/homepage) and run it in a restricted/test environment first. Constrain the agent's access (no production databases, no secret vault access) and require explicit human approval for any actions that would deploy code, change configs, or access sensitive data. If the skill is later updated to request credentials, read local files, or include an install script/download URL, treat that as a significant change and re-evaluate (such changes would raise suspicion).

Review Dimensions

Purpose & Capability
ok: The name and description ('fintech-engineer') match the SKILL.md content: checklists, architecture and compliance guidance, and development workflows for payment/banking systems. There are no unrelated required binaries, env vars, or config paths requested.
Instruction Scope
note: The SKILL.md contains broad, high-level guidance and checklists for designing and operating fintech systems (compliance analysis, implementation, production excellence). It does not instruct the agent to read arbitrary local files, capture secrets, or call unexpected external endpoints, but its language is open-ended and gives the agent broad discretion (e.g., 'Implement solutions' and 'Query context manager'). Recommend restricting what the agent is allowed to access when invoked in a real environment.
Install Mechanism
ok: No install spec and no code files are present (instruction-only). This is the lowest-risk install model — nothing is written to disk by an installer.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. That is proportionate for a guidance/consultant-style skill and reduces risk of credential exfiltration.
Persistence & Privilege
ok: The skill does not request always:true and uses platform defaults (user-invocable, model invocation allowed). Autonomous invocation is the platform default and not in itself problematic here.