Xero

Advisory

Audited by static analysis on May 6, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may be able to read or change Xero financial records depending on the Xero permissions the user grants.

Why it was flagged

The skill requires delegated Xero account authorization through ClawLink, which is expected for a Xero integration but grants access according to the connected account's scopes and permissions.

Skill content

ClawLink's hosted page runs the hosted OAuth flow — the user clicks through the Xero login and authorization screen.

Recommendation

Connect only the intended Xero organization, review granted scopes in Xero/ClawLink, and revoke access when no longer needed.

What this means

A confirmed write could update invoices, contacts, or accounting records, so mistakes may affect business finance data.

Why it was flagged

The skill can invoke dynamic ClawLink tools that perform Xero write actions, but it also instructs previewing and confirming writes before execution.

Skill content

For writes or anything marked as requiring confirmation, call `clawlink_preview_tool` first, then confirm with the user.

Recommendation

Carefully review previews before confirming any Xero write, destructive, external-facing, or bulk action.

What this means

The actual runtime behavior depends on the installed ClawLink plugin and its tool catalog.

Why it was flagged

The instruction-only skill depends on a separate ClawLink plugin that is not included in the supplied artifact review; the install step is user-directed and central to the skill's purpose.

Skill content

Install the verified ClawLink plugin: `openclaw plugins install clawhub:clawlink-plugin`

Recommendation

Verify the plugin publisher, source, and ClawLink verification page before installing or granting Xero access.

What this means

Xero access and potentially sensitive finance data are mediated through ClawLink, so the user relies on that service's security and privacy practices.

Why it was flagged

The skill discloses a credential and data boundary involving the local OpenClaw plugin and the external ClawLink service.

Skill content

The resulting device credential is stored locally in OpenClaw's plugin config and is only sent to `claw-link.dev`.

Recommendation

Use this skill only if you trust ClawLink to mediate Xero access, and, as the skill itself instructs, avoid pasting raw credentials into chat.