仅适用于北京市企业职工基本养老保险退休金测算。支持依据北京政策参数计算基础养老金、个人账户养老金、过渡性养老金,并对未退休用户做未来缴费策略优化。
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a purpose-aligned local Beijing pension calculator, but it handles sensitive pension records and leaves local output files that users should manage carefully.
Before installing, be comfortable sharing pension records, birth date, account balance, and contribution history with a local calculator. Use trusted dependency sources, verify policy parameter updates against official links, run without administrator privileges, and delete local tmp outputs when done.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may install and run local software to process pension files and screenshots.
The skill discloses local dependency installation and local OCR/Python script execution. This is central to parsing uploaded pension data, but it affects the user's local environment.
Python 依赖:见 `requirements.txt`(`pandas`、`openpyxl`)... OCR 二进制依赖:`tesseract-ocr`... `python3 -m pip install -r requirements.txt`
Install dependencies only from trusted sources, avoid running the skill with elevated privileges, and use a dedicated working directory.
Sensitive pension inputs and calculated results may remain on disk after the calculation is complete.
The pipeline persists imported user data, confirmation details, and pension results to local files. These outputs can contain sensitive personal and financial pension information.
INGEST_OUT="$WORK_DIR/ingested.json" ... CONFIRM_OUT="$WORK_DIR/confirmation_form.md" ... CALC_OUT="$WORK_DIR/result.json"
Store outputs in a private folder, do not include unnecessary personal data, and delete temporary files when finished.
Incorrect or unverified parameter updates could affect future pension estimates produced by the skill.
The updater can persist user-supplied policy parameters into the skill's local parameter file, which can influence later calculations.
obj.setdefault("pension_base_by_year", {})[y] = round2(args.pension_base) ... save_json(params_path, obj)Only update parameters from official Beijing policy sources and keep a record of the source and date used.