Quickbooks-Agent
Warn
Audited by ClawScan on May 10, 2026.
Overview
This skill is coherent for QuickBooks management, but it would let an agent run unreviewed external code with broad authority to change financial records.
Treat this as a high-impact financial automation tool. Before installing, inspect and pin the GitHub code, use a QuickBooks sandbox first, keep credentials and tokens secure, and require explicit approval before any action that creates, changes, deletes, sends, voids, or applies financial records.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The code that receives QuickBooks credentials and can modify accounting records would come from an external repository state that was not reviewed in these artifacts.
The runnable code is fetched from GitHub at install time and built locally, but the provided review artifacts contain no code files and do not pin a commit, tag, or image digest.
git clone https://github.com/claw4business/quickbooks-online-cli.git ~/skills/qb-cli; docker compose -f ~/skills/qb-cli/docker-compose.yml build
Review and pin a specific trusted commit or release before installing, and test in a QuickBooks sandbox before providing production credentials.
If authorized against a real company account, the agent may be able to read and change sensitive financial records through the QuickBooks API.
The skill requires QuickBooks app credentials and OAuth authorization to access the user's QuickBooks company environment.
requires:
  env:
    - QB_CLIENT_ID
    - QB_CLIENT_SECRET
    - QB_ENVIRONMENT
...
auth login --callback-url
Use least-privilege QuickBooks access where possible, start with sandbox mode, protect the client secret and OAuth tokens, and only authorize production access after reviewing the code.
A mistaken command could create, modify, send, void, or otherwise affect important QuickBooks records such as invoices, payments, bills, accounts, transfers, or journal entries.
The CLI exposes many high-impact accounting operations in an agent-consumable form. The artifact includes some safety rules, but the documented authority is broad enough that accidental or premature tool use could affect business books.
Manage customers, invoices, payments, bills, vendors, accounts, items, expenses, journal entries, deposits, transfers, estimates, purchase orders, and run financial reports directly via the Intuit API. 164 commands across 29 command groups. All commands return JSON by default for agent consumption.
Require explicit user confirmation for every create, update, delete, void, send, payment, transfer, journal-entry, and production-report action, and keep backups/audit trails.
