Skill v1.0.0

ClawScan security

Invoice Compliance Checker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 19, 2026, 3:46 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill's files, runtime instructions, and inputs/outputs are internally consistent with a descriptive invoice-compliance helper and do not request unrelated credentials, network access, or privileged persistence.

Guidance
This skill appears coherent and low-risk: it only parses user-supplied text and returns JSON recommendations/templates. Before installing, review handler.py if you can; avoid pasting full invoices containing personally identifiable information, account numbers, or credentials into the skill (only provide the contextual data needed). If you want to be extra cautious, disable autonomous invocation for the skill, or run the included tests and the handler locally in an isolated environment to confirm behavior. If you plan to integrate with real financial systems later, require explicit, purpose-limited credentials and re-audit the skill for any network or credential usage first.

Review Dimensions

Purpose & Capability (ok)
Name/description match the included files and behavior: the skill produces structured analysis, templates, and recommendations based on user-provided text. It does not request unrelated environment variables, binaries, or configuration paths.

Instruction Scope (ok)
SKILL.md confines the skill to descriptive analysis and templates. The handler.py implements only local parsing and rule-based recommendation logic; it does not read system files, access environment variables beyond normal execution, or call external services. The instructions do require users to supply their financial context (amounts, dates, priorities), which is expected for this purpose; users should avoid pasting sensitive account credentials or full invoices containing secrets.

Install Mechanism (ok)
There is no install spec (instruction-only), which is the lowest-risk install model. The skill does include local Python source and tests, but these files perform only local parsing/formatting and do not download or execute remote code.

Credentials (ok)
The skill requests no environment variables, credentials, or config paths. The code does not attempt to access secrets or external APIs; the requested inputs are limited to user-provided textual financial context.

Persistence & Privilege (ok)
The always flag is false and there is no indication the skill will persist itself or alter other skills or system settings. Autonomous invocation is allowed by default (platform behavior), but the skill's scope and inputs do not expand its privilege.