Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
LedgerAI
v1.0.0 · AI bookkeeping via LedgerAI API — invoice processing, expense categorization, financial reports, receipt scanning. Use when user needs automated bookkeeping,...
⭐ 0 · 281 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The functionality described (invoice parsing, expense categorization, reports) matches the included script and the SKILL.md examples. However, the package metadata declares no required environment variables and no primary credential, even though the runtime expects LEDGERAI_API_KEY or LEDGERAI_EMAIL (and optionally LEDGERAI_API_URL). That is a mismatch between the requirements the package claims and what it actually needs at runtime. In addition, the API base it uses (https://anton.vosscg.com) is neither documented in the skill metadata nor linked to a verified vendor or homepage.
Instruction Scope
The instructions and the script direct the agent to POST invoice/receipt data and URLs to an external API, and to auto-signup by POSTing an email address. This stays within the stated bookkeeping purpose, but it means that any invoice, receipt, or URL you provide is transmitted to the remote endpoint. The instructions do not extend to reading local files, but they depend on environment variables that the metadata does not declare.
Install Mechanism
There is no install spec; the skill is effectively instruction-only, with a small helper script included. Nothing is downloaded or installed from arbitrary URLs at install time, so the install mechanism itself is low risk.
Credentials
The skill requires credentials (LEDGERAI_API_KEY or LEDGERAI_EMAIL) and honours an override of the API base via LEDGERAI_API_URL, yet the registry metadata declares neither required env vars nor a primary credential. Because the endpoint is taken from the environment, anyone or anything able to set LEDGERAI_API_URL for the agent's process can redirect sensitive financial data to an arbitrary endpoint. Requiring an API key or email is proportionate for a remote bookkeeping service, but the metadata mismatch and the endpoint override are notable risks that the package manifest neither discloses nor justifies.
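The mismatch called out in the Purpose & Capability and Credentials sections (env vars read at runtime but absent from the manifest, plus a hardcoded API host that the metadata never mentions) can be checked mechanically before installing. The script below is an added example, not part of the LedgerAI skill or the ClawHub scanner. The manifest shape ("requires", "env", "primaryCredential") and the helper-script text are constructed stand-ins for the real package files, which this page only summarises; substitute the actual files when auditing.

```python
import json
import re
from urllib.parse import urlparse

# Constructed stand-ins for the package contents this page only summarises.
# The manifest field names ("requires", "env", "primaryCredential") and the
# helper-script text are hypothetical; swap in the real files when auditing.
SAMPLE_MANIFEST = json.dumps({
    "name": "ledgerai",
    "version": "1.0.0",
    "always": False,
    "requires": {"env": [], "primaryCredential": None},
})

SAMPLE_SCRIPT = r'''
import os, requests
API_URL = os.environ.get("LEDGERAI_API_URL", "https://anton.vosscg.com")
API_KEY = os.environ.get("LEDGERAI_API_KEY")
EMAIL = os.environ["LEDGERAI_EMAIL"]

def signup():
    return requests.post(f"{API_URL}/signup", json={"email": EMAIL})
'''

# Environment reads in Python (os.environ.get / os.environ[...] / os.getenv)
# and in JavaScript (process.env.NAME).
ENV_CALL = re.compile(r'(?:environ\.get\(|environ\[|getenv\()\s*["\']([A-Z][A-Z0-9_]*)["\']')
ENV_PROP = re.compile(r'process\.env\.([A-Z][A-Z0-9_]*)')
# Absolute http(s) URLs hardcoded into the script.
URL_REF = re.compile(r'https?://[^\s"\'<>)]+')


def declared_env(manifest_text):
    """Env vars the manifest admits to needing, including the primary credential."""
    req = json.loads(manifest_text).get("requires", {})
    declared = set(req.get("env", []))
    if req.get("primaryCredential"):
        declared.add(req["primaryCredential"])
    return declared


def referenced_env(script_text):
    """Env vars the script actually reads."""
    return set(ENV_CALL.findall(script_text)) | set(ENV_PROP.findall(script_text))


def external_hosts(script_text):
    """Hosts the script talks to by default."""
    return {urlparse(u).hostname for u in URL_REF.findall(script_text)}


def audit(manifest_text, script_text, documented_hosts=frozenset()):
    """Report runtime needs the manifest does not disclose."""
    undeclared = referenced_env(script_text) - declared_env(manifest_text)
    undocumented = external_hosts(script_text) - set(documented_hosts)
    return {
        "undeclared_env": sorted(undeclared),
        "undocumented_hosts": sorted(h for h in undocumented if h),
    }


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_MANIFEST, SAMPLE_SCRIPT), indent=2))
```

Run against the constructed inputs, the audit lists all three LEDGERAI_* variables as undeclared and anton.vosscg.com as an undocumented host; passing the vendor's documented hosts in `documented_hosts` clears the second finding, and a manifest that declares the variables clears the first. A regex scan only catches direct environment reads, so a script that builds variable names dynamically still needs a manual read.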
Persistence & Privilege
No persistent privileges are requested (always: false). The skill does not claim to modify other skills or system-wide settings; it contains only a helper script and runtime instructions.
What to consider before installing
This skill will send the invoices, receipts, or URLs you provide to an external API (default: https://anton.vosscg.com). Before installing or using it:
1. Confirm who operates anton.vosscg.com / Voss Consulting Group and review their privacy and security policy.
2. Do not send real sensitive financial documents until you trust the vendor; test with non-sensitive examples first.
3. Be aware that you must provide LEDGERAI_API_KEY or LEDGERAI_EMAIL (the skill metadata fails to declare these), and that LEDGERAI_API_URL can be changed to point anywhere, which could be used to exfiltrate data if it is misconfigured or maliciously set.
4. Prefer a dedicated account or API key with limited scope, and monitor the agent's network activity.
5. Ask the publisher for provenance (homepage, company info), or request that the required env vars and primary credential be declared in the registry, before trusting it with production data.
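Items 3 and 4 above (the LEDGERAI_API_URL override and the advice to monitor network activity) can be enforced on the operator's side rather than trusted to the skill. The code below is an added example and is not part of the LedgerAI skill: it resolves the API base the same way the skill does, refuses to send anything unless the effective host is on an explicit HTTPS allowlist, and records destination and payload size (not the documents) for review. The default base is taken from the scan report; the allowlist, the `/invoices` path, and the Bearer-token header are assumptions, since the page does not show the API's routes or auth scheme.

```python
import json
from urllib.parse import urlparse

# The default base comes from the scan report above. The allowlist is an
# operator-side policy assumed for this example; the skill itself ships none.
DEFAULT_API_BASE = "https://anton.vosscg.com"
ALLOWED_HOSTS = frozenset({"anton.vosscg.com"})


class EndpointRejected(Exception):
    """Raised when the effective API base fails policy."""


def resolve_api_base(env, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_API_BASE):
    """Return the base URL the skill would use, or raise if LEDGERAI_API_URL
    has been pointed at anything other than an allowlisted HTTPS host."""
    base = env.get("LEDGERAI_API_URL", default).strip().rstrip("/")
    parsed = urlparse(base)
    if parsed.scheme != "https":
        raise EndpointRejected(f"refusing non-HTTPS endpoint: {base!r}")
    if parsed.hostname not in allowed_hosts:
        raise EndpointRejected(f"refusing unlisted host: {parsed.hostname!r}")
    if parsed.username or parsed.password:
        raise EndpointRejected("refusing credentials embedded in the endpoint URL")
    return base


def submit_invoice(env, invoice, transport, allowed_hosts=ALLOWED_HOSTS):
    """Gate the outbound POST on the endpoint check. transport(url, headers, body)
    is injected (requests.post in production) so the example runs offline.
    The /invoices path and Bearer header are assumptions; the page does not
    document the API's routes or auth scheme."""
    base = resolve_api_base(env, allowed_hosts)
    headers = {"Content-Type": "application/json"}
    if env.get("LEDGERAI_API_KEY"):
        headers["Authorization"] = f"Bearer {env['LEDGERAI_API_KEY']}"
    return transport(f"{base}/invoices", headers, json.dumps(invoice))


def logging_transport(log):
    """Build a transport that records destination and payload size (not the
    payload) so outbound traffic can be reviewed without copying documents."""
    def send(url, headers, body):
        log.append({"url": url, "bytes": len(body), "auth": "Authorization" in headers})
        return {"status": 200}  # stand-in for the real HTTP response
    return send


if __name__ == "__main__":
    log = []
    env = {"LEDGERAI_API_KEY": "example-key"}  # constructed, not a real key
    print(submit_invoice(env, {"vendor": "ACME", "total": "120.00"}, logging_transport(log)))
    print(log)
    try:
        submit_invoice({"LEDGERAI_API_URL": "http://attacker.example/"}, {}, logging_transport(log))
    except EndpointRejected as e:
        print("blocked:", e)
```

The check rejects a plain-HTTP base, a host outside the allowlist, and a URL carrying embedded credentials, and it normalises a trailing slash so the default and an explicit override to the same host compare equal. In production the allowlist belongs in the operator's configuration, not in the skill, so that a modified skill cannot widen it.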
latest · vk9705m83nb9kskc903bdgrzjy9826ddj
