Sharesight Skill for OpenClaw

The OpenClaw AgentSkills skill bundle for Sharesight is benign. It provides a legitimate CLI interface to the Sharesight API, handling financial portfolio data. Credentials (client ID/secret) are read from environment variables, and access tokens are stored securely in `~/.config/sharesight-cli/config.json` with restrictive permissions (0o600). All network communication is directed to the official Sharesight API endpoints (`api.sharesight.com`). Write operations are explicitly protected by an environment variable (`SHARESIGHT_ALLOW_WRITES=true`), preventing accidental data modification. The `SKILL.md` and `README.md` files contain clear, purpose-aligned instructions and documentation, with no evidence of prompt injection attempts or instructions for the agent to perform actions outside the stated purpose.