ClawHub

Nonprofit Management

v2.0.0

Operations assistant for small 501(c)(3) nonprofits — IRS compliance (990 filing), grant tracking, board meeting prep, donor management, program reporting, a...

0· 72·0 current·0 all-time
by@joshbuildswithdoit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (IRS compliance, grant/donor/board operations) match the SKILL.md content and the reference files. The skill does not request unrelated binaries, credentials, or config access that would be disproportionate to its stated purpose.
Instruction Scope
SKILL.md is purely advisory and provides templates, reminders, and checklists; it explicitly constrains itself (no legal advice, no filing of returns, treat donor info as confidential). Important operational detail: because this is instruction-only, the skill's runtime behavior depends entirely on the hosting agent — the instructions do not describe how donor data is stored, transmitted, or logged. The SKILL.md does not instruct reading system files, environment variables, or posting data to third-party endpoints.
Install Mechanism
No install specification and no code files to execute — lowest install risk (instruction-only skill).
Credentials
No required environment variables, no primary credential, and no config paths requested. The lack of credential requests is proportionate to a guidance/templates skill that does not directly integrate with external systems.
Persistence & Privilege
always is false and default autonomous invocation is permitted (normal). The skill does not request persistent system-wide privileges or modify other skills' configurations in its instructions.
Assessment
This skill appears coherent and advisory-only, but be cautious with real donor or PII: test with dummy data first and confirm how your OpenClaw host stores, logs, or shares conversation contents. Verify organizational privacy controls before providing donor lists or sensitive financial details. If you plan to use outputs for filings or legal compliance, have a CPA or attorney review (the skill itself warns to do so). If you intend to use integrations (emailing donors, calendar alerts, CRM exports), ensure those connectors request only the minimal credentials and audit where data is sent.

Like a lobster shell, security has layers — review code before you run it.

latestvk9780k9eempa0vmyr2vcang01s848rrr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments