v1.0.0

Ghostfolio

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:29 AM.

Analysis

This instruction-only skill is purpose-aligned for querying Ghostfolio, but it handles a long-lived portfolio token and may leave probe output locally.

Guidance: Before using this skill, set GHOSTFOLIO_BASE_URL only to your own trusted Ghostfolio instance, protect GHOSTFOLIO_TOKEN as a sensitive long-lived credential, avoid `curl -k` except for controlled diagnostics, and remove /tmp/gf_probe.json if you run the probe.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
For remote TLS diagnostics only, temporary `curl -k` can help.

The troubleshooting guidance mentions disabling TLS certificate verification. It is framed as temporary diagnostics, but using it with bearer tokens can weaken transport security.

User impact: If used against an untrusted or intercepted remote connection, credentials or portfolio data could be exposed.
Recommendation: Avoid `curl -k` with real tokens unless you are on a trusted network and diagnosing a known certificate issue; fix TLS validation before normal use.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
# Long-lived token supplied by user/admin
export GHOSTFOLIO_TOKEN="..."
...
AUTH_HEADER="Authorization: Bearer $GHOSTFOLIO_TOKEN"

The skill requires and uses a long-lived Ghostfolio token to access portfolio endpoints. This is expected for the stated purpose, but it is sensitive account authority.

User impact: Anyone who obtains or misuses the token could access the user's Ghostfolio portfolio data through the API.
Recommendation: Use a token with the least necessary access, keep it only in a trusted environment, and verify the base URL belongs to your own Ghostfolio server before sending the token.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
code=$(curl -s -o /tmp/gf_probe.json -w '%{http_code}' "$GHOSTFOLIO_BASE_URL$ep" \

The quick probe writes API response bodies to a fixed temporary file, which may contain portfolio or error details and can persist after the command finishes.

User impact: Portfolio-related response data could remain on the local machine in /tmp/gf_probe.json after troubleshooting.
Recommendation: Delete /tmp/gf_probe.json after probing, or change the probe to write to /dev/null if only the HTTP status code is needed.