Plutus — God of Wealth
PassAudited by ClawScan on May 9, 2026.
Overview
This expense-report skill appears purpose-aligned and local-only, with minor cautions about installing an unpinned Python package and saving financial reports to disk.
This skill looks appropriate for local expense analysis. Before installing, consider running it in a virtual environment, avoid using the system-package override if possible, and remember that any generated expense reports may contain sensitive financial information.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the package could change the local Python environment, and the exact package version is not fixed.
The skill instructs installation of an unpinned PyPI package and uses a flag that bypasses system Python package protections. This is disclosed and related to report formatting, but it still carries normal package supply-chain and environment-modification risk.
pip3 install rich --break-system-packages --quiet
Install in a virtual environment when possible, consider pinning a known-good version of 'rich', and avoid '--break-system-packages' unless you understand the impact.
Private spending or business expense information may remain on disk after the skill runs.
The skill processes personal or business financial transactions and creates persistent local report files. This is purpose-aligned, and the artifact claims no data is transmitted, but the saved reports may contain sensitive financial summaries.
Paste raw text, a list, or point to a CSV of transactions... Export: Markdown report + CSV summary saved to disk
Use only trusted local files, review where the report is saved, and delete or protect generated reports if they contain sensitive financial data.