Smart Ledger

Security checks across malware telemetry and agentic risk

Overview

Smart Ledger is a disclosed local expense tracker that stores and edits personal finance records on the user's device, with no evidence of hidden network access or unrelated behavior.

Install only if you are comfortable storing income, spending notes, and raw transaction text in a local JSON file. Back up ~/.openclaw/workspace/data/expenses/expenses.json if the records matter, and double-check delete IDs because deletion is immediate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill documentation indicates it can read and write local files and invoke Python scripts, but the manifest does not declare corresponding permissions or capabilities. This creates a transparency and policy gap: users and the host platform may not understand the true access the skill requires, increasing the chance of unintended file access or execution in a finance-related context handling sensitive personal spending data.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The skill is described with broad natural-language bookkeeping behavior but does not define clear activation boundaries, exclusions, or confirmation expectations. In an agent environment, vague invocation scope can cause accidental triggering on unrelated user messages, leading to unintended storage, categorization, or modification of sensitive financial records.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation presents record deletion as a simple command without warning that it is destructive or recommending confirmation and backup. Because this skill stores personal financial history locally, accidental or mistaken deletion could permanently remove important budgeting and audit data, especially if the ID is mistyped or generated records are not easily recoverable.

VirusTotal

66/66 vendors flagged this skill as clean.
