Skill v1.0.0
ClawScan security
Ai Financial Report Cn Payment · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 5, 2026, 8:27 AM
- Verdict: Review
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill advertises a paid AI financial-report service but contains no implementation or runtime instructions—only payment/contact details—so its claimed capability doesn't match what it actually provides and could be a monetization or social-engineering attempt.
- Guidance: This package looks like a payment solicitation rather than a working AI skill. Do not send money or sensitive information based solely on this skill. Before installing or using it, ask the publisher to provide: (1) a clear technical description of how the AI report generation works (APIs, endpoints, or code), (2) a demo or sample outputs, (3) payment handled through official/traceable channels with a refund policy and business registration, and (4) privacy and data handling terms. If you intended to get an on-agent feature, prefer skills that include implementation details or use platform-approved billing rather than offline payments to individual accounts. If you already paid, verify the vendor identity and consider reporting the transaction to your payment provider if anything seems fraudulent.
Review Dimensions
- Purpose & Capability (concern): The name and description claim an 'AI财务报表生成器' (paid AI report generator), but the skill contains no APIs, commands, integration details, example inputs/outputs, or runtime instructions for generating reports. Instead it is purely a sales/payment page asking users to pay external accounts. This is incoherent: a functional AI skill would need integration details or code, not just payment instructions.
- Instruction Scope (concern): SKILL.md provides only subscription tiers, offline payment instructions (Alipay account and QQ payment identifier), and a QQ contact. There are no instructions the agent can follow to generate reports, access data, or call external services. The file effectively instructs users to make payments outside the platform, which is outside the normal scope of a runtime skill.
- Install Mechanism (ok): No install mechanism or code is present (instruction-only). That minimizes technical risk from binaries or remote downloads, but does not mitigate the coherence issues described above.
- Credentials (ok): The skill requests no environment variables, secrets, or config paths. There is no credential access requested by the skill itself. However, it asks users to include their QQ number in payment remarks, which is a data-collection pattern to be aware of but not a requested runtime credential.
- Persistence & Privilege (ok): The skill is not marked always:true and requests no special agent privileges or configuration changes. Autonomous invocation is allowed by default but there is no runtime behavior for the agent to perform, so there is no evidence of persistence or elevated privileges in the package itself.
