Skill v1.1.0

ClawScan security

Smart Expense Tracker Cn V1.1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review date: Mar 2, 2026, 11:37 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The SKILL.md describes a plausible expense-tracking assistant, but there are inconsistencies (declared tool requirements in the skill file vs registry metadata) and it claims integrations (QQ voice message auto-recognition, scheduled push reports, payment/subscription tiers, API) without declaring required credentials or integration details — this mismatch warrants caution.
Guidance
This skill looks like an expense tracker on the surface, but there are unexplained gaps. Before installing, ask the publisher:
1. Which credentials or API keys are required (QQ messaging, push service, payment backend, etc.) and why.
2. Where and how user financial data is stored and transmitted (local only or third-party servers; encryption in transit and at rest).
3. For a source or homepage (Git repo or official site) and a clear install/run guide.
4. To clarify the jq/python3 requirement and why the registry metadata omits it.
5. If the skill will access your messages or services, to declare the exact env vars and config paths it uses.
If you cannot get clear answers and auditable code, avoid installing it; otherwise grant minimal privileges and never supply high-value credentials.

Review Dimensions

Purpose & Capability
Status: note
The name/description match an expense-tracking assistant and the features listed (trends, budgets, voice input, reports) are coherent with that purpose. However, SKILL.md metadata lists required binaries (jq, python3) while the registry metadata shows none, a mismatch in declared requirements. The listed binaries are plausible for local processing, but the registry omission is inconsistent.
Instruction Scope
Status: concern
The runtime instructions are purely descriptive (examples, UX flows) and contain no concrete runtime commands, but they claim automated behaviors that imply access to external user data and services (QQ voice message auto-recognition, weekly/monthly push reports, paid tiers and API access). The SKILL.md does not specify how the agent should access QQ messages, deliver pushes, or authenticate to external APIs, so the instructions lack the necessary scope/detail for those operations and may hide required data access.
Install Mechanism
Status: ok
This is an instruction-only skill with no install spec and no code files, which is lower risk from an installation perspective (nothing is downloaded or written).
Credentials
Status: concern
No environment variables, credentials, or config paths are declared despite features that normally require them (access to QQ messages or a messaging API, push notification credentials, payment/subscription backend keys, or an external API). That mismatch suggests either missing documentation/requirements or that the skill expects access to agent/system resources not declared upfront.
Persistence & Privilege
Status: ok
The skill is not marked always:true and does not request persistent config or system-wide changes. It does not declare any saved tokens or privileged persistence in its metadata.
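As an added example (not part of the ClawScan output and not code from the skill or from ClawHub), the consistency checks the dimensions above describe can be reproduced offline on constructed sample metadata: a SKILL.md frontmatter that declares jq and python3 while the registry record declares nothing, prose that mentions QQ, pushed reports, a paid tier and an API, and no declared env vars. The frontmatter field names (requires.bins, requires.env, always, install), the verdict labels and the keyword heuristics for spotting undeclared integrations are assumptions for illustration, not ClawHub's actual schema or scanner logic.

```python
"""Offline consistency checks of the kind the verdict above describes.

Added example, not ClawHub code. The SKILL.md field layout
(requires.bins, requires.env, always) and the registry JSON shape are
assumptions chosen for illustration; the sample inputs are constructed.
"""
import json
import re

# Constructed SKILL.md modeled on the findings above (not the real skill file).
SAMPLE_SKILL_MD = """\
---
name: smart-expense-tracker-cn
version: 1.1.0
description: Track expenses, budgets and trends; voice input; scheduled reports.
requires:
  bins: [jq, python3]
always: false
---
# Smart Expense Tracker

Send a QQ voice message and it is auto-recognized and logged.
Weekly and monthly reports are pushed to you automatically.
Pro tier unlocks the API and subscription features.
"""

# Constructed registry record for the same skill; note the empty requirements.
SAMPLE_REGISTRY = json.loads("""{
  "name": "smart-expense-tracker-cn",
  "version": "1.1.0",
  "requires": {"bins": [], "env": []},
  "install": null,
  "always": false
}""")

# Heuristic: prose phrases that normally imply a credential or external service.
INTEGRATION_HINTS = {
    "messaging": re.compile(r"\b(qq|wechat|telegram|discord)\b", re.I),
    "push": re.compile(r"\b(push(ed)?|notif\w*)\b", re.I),
    "payment": re.compile(r"\b(subscription|paid|pro tier|payment)\b", re.I),
    "api": re.compile(r"\bapi\b", re.I),
}


def split_frontmatter(text):
    """Return (frontmatter_lines, body) for a '---'-delimited SKILL.md."""
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return [], text
    return m.group(1).splitlines(), m.group(2)


def parse_value(raw):
    """Parse the scalar/list forms used in the sample: [a, b], true/false, text."""
    raw = raw.strip()
    if raw.startswith("[") and raw.endswith("]"):
        return [v.strip() for v in raw[1:-1].split(",") if v.strip()]
    if raw.lower() in ("true", "false"):
        return raw.lower() == "true"
    return raw


def parse_frontmatter(lines):
    """Minimal parser for flat keys plus one level of nesting (no PyYAML needed)."""
    data, current = {}, None
    for line in lines:
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        key, _, raw = line.strip().partition(":")
        if indent == 0:
            if raw.strip() == "":
                data[key] = {}          # start of a nested mapping
                current = key
            else:
                data[key] = parse_value(raw)
                current = None
        elif current is not None:
            data[current][key] = parse_value(raw)
    return data


def review_skill(skill_md, registry):
    """Return (dimension, status, message) findings for one skill."""
    fm_lines, body = split_frontmatter(skill_md)
    fm = parse_frontmatter(fm_lines)
    fm_req, reg_req = fm.get("requires", {}), registry.get("requires", {})
    findings = []

    # Purpose & Capability: binaries declared in SKILL.md must match the registry.
    declared, registered = set(fm_req.get("bins", [])), set(reg_req.get("bins", []))
    if declared != registered:
        findings.append(("Purpose & Capability", "note",
                         f"SKILL.md requires bins {sorted(declared)} but registry lists {sorted(registered)}"))

    # Credentials: prose that implies integrations while no env vars are declared anywhere.
    env = set(fm_req.get("env", [])) | set(reg_req.get("env", []))
    claimed = [name for name, rx in INTEGRATION_HINTS.items() if rx.search(body)]
    if claimed and not env:
        findings.append(("Credentials", "concern",
                         f"prose implies {claimed} integrations but declares no env vars or config paths"))

    # Install Mechanism: nothing downloaded or written when there is no install spec.
    if registry.get("install") is None:
        findings.append(("Install Mechanism", "ok", "instruction-only skill, no install spec"))

    # Persistence & Privilege: always:true would keep the skill loaded in every session.
    if fm.get("always") is True or registry.get("always"):
        findings.append(("Persistence & Privilege", "concern", "skill requests always:true"))
    else:
        findings.append(("Persistence & Privilege", "ok", "not marked always:true"))
    return findings


def overall_verdict(findings):
    """Assumed labels: any 'concern' escalates the skill to manual 'Review'."""
    return "Review" if any(s == "concern" for _, s, _ in findings) else "Ok"


if __name__ == "__main__":
    results = review_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY)
    for dim, status, msg in results:
        print(f"{dim}: {status}: {msg}")
    print("Verdict:", overall_verdict(results))
```

Declaring the credentials (adding `env: [QQ_BOT_TOKEN, PUSH_API_KEY]` under `requires` in the frontmatter) clears the Credentials finding while leaving the bins mismatch in place, which is the separation the verdict draws between missing documentation and an undeclared requirement.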