George Banking Automation

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: george
Version: 1.5.4

The 'george' skill bundle automates George online banking using Playwright to fetch transactions and sign payment orders. While 'scripts/george.py' includes security hardening like strict file permissions (umask 077), input sanitization, and path traversal checks, the skill possesses inherently high-risk capabilities. These include capturing and caching bearer authentication tokens and programmatically interacting with financial APIs (api.sparkasse.at). These features are aligned with the stated purpose but qualify as suspicious due to the sensitive nature of automated banking and session management.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

An agent could be given the capability to perform payment-file or other banking submission/signing workflows, which may affect real bank accounts if invoked incorrectly.

Why it was flagged

These commands appear to upload and sign bank data-carrier files, a high-impact financial action, while the skill description primarily advertises login, accounts, and transaction fetching.

Skill content
python3 {baseDir}/scripts/george.py datacarrier-upload <file> [--type pain.001] ...
python3 {baseDir}/scripts/george.py datacarrier-sign <datacarrier_id> ...
Recommendation

Only install if you specifically need data-carrier upload/signing, and require explicit human review and bank-side confirmation before any signing command is run.

What this means

Anyone or anything with access to the workspace state may be able to reuse banking session material until it expires or is cleared.

Why it was flagged

The skill persists bank authentication/session material locally, which is expected for this integration but amounts to sensitive account access.

Skill content
Session tokens are cached in `{workspace}/george/token.json` to avoid repeated 2FA prompts.
Recommendation

Use this only in a trusted workspace, protect the workspace directory, and run the documented logout command after use.

What this means

The installed browser automation stack becomes part of the trusted execution path for online banking automation.

Why it was flagged

The setup relies on installing Playwright and a browser runtime; this is normal for the stated Playwright automation purpose but introduces dependency provenance considerations.

Skill content
pip install playwright
playwright install chromium
Recommendation

Install dependencies from official sources in an isolated environment and keep them updated.