v1.0.0

invoice-analyzer

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 1:46 PM.

Analysis

The skill is an on-topic invoice analyzer, but it should be reviewed because it describes automatic invoice approval/payment readiness and advertises wallet or transaction authority without clear limits.

Guidance: Use this skill only if you intend the agent to handle sensitive financial documents. Before installing, make sure it cannot approve, schedule, purchase, pay, or sign transactions without your explicit confirmation, and do not grant wallet or payment credentials unless they are narrowly scoped and necessary.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High, Confidence: High, Status: Concern
SKILL.md
Automation ... Approval routing ... Payment scheduling ... Auto-approve threshold: $5,000 ... Result: ✅ Auto-approved

The skill frames approval routing, payment scheduling, and auto-approval as part of normal operation, but the shown instructions do not require explicit user confirmation before high-impact financial workflow outcomes.

User impact: An agent using this skill could treat invoices as approved or ready for payment based on model analysis, which may affect real financial workflows if connected to accounting or payment tools.
Recommendation: Keep the skill read-only by default, require explicit user approval before approving, scheduling, paying, purchasing, or signing anything, and define clear dollar limits and rollback procedures.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High, Confidence: Medium, Status: Concern
capability signals
requires-wallet; can-make-purchases; can-sign-transactions; requires-sensitive-credentials

These declared capability signals imply access to wallet or transaction authority and sensitive credentials, while the requirements list no primary credential, required environment variables, or scoped configuration explaining how that authority is bounded.

User impact: If granted credentials or wallet access, the skill may operate with financial authority beyond simple invoice analysis.
Recommendation: Only grant narrowly scoped accounting or payment credentials when necessary, avoid wallet/signing permissions unless explicitly required, and require a human approval step for every transaction.