v1.2.0

Accountsos

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:30 AM.

Analysis

AccountsOS appears aligned with accounting, but it gives an agent authority to create or change accounting records and upload sensitive business documents through an external API.

Guidance: Install only if you trust accounts-os.com and want an agent to manage bookkeeping data there. Create or approve the API key yourself, keep it revocable, and require the agent to ask before changing transactions, deadlines, or uploading financial documents.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
"name": "create_transaction" ... "amount": 127.50 ... "name": "update_transaction" ... "transaction_id": "uuid"

These are write operations against accounting records, and the artifact does not pair them with explicit human approval, scope limits, or reversal guidance.

User impact: An agent using this skill could add or modify bookkeeping entries that affect VAT, tax records, financial reporting, or business records.
Recommendation: Use only with an API key you control, and require explicit confirmation before creating or updating transactions, deadlines, or other accounting records.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: Medium; Status: Note
metadata
Source: unknown; Homepage: none

The registry provenance fields are incomplete for a finance-related integration, even though the SKILL text names accounts-os.com as the API target.

User impact: Users have less registry-level provenance to verify the publisher and service before granting accounting access.
Recommendation: Verify the AccountsOS service and publisher independently before installing or providing an API key.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Note
SKILL.md
Response includes `api_key` for immediate use. Your human gets a welcome email to claim the account.

The onboarding flow can give the agent a bearer API key for an accounting account before the human has claimed it.

User impact: The API key can let the agent act within the accounting account and access or change business financial data.
Recommendation: Prefer creating or approving the account and API key yourself, store the key securely, and revoke it if the agent no longer needs access.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium; Confidence: High; Status: Note
SKILL.md
Document storage — Receipts, invoices, contracts ... "upload_document" ... "file_data": "base64_encoded_data"

The skill can persist and later search sensitive business documents in the external AccountsOS service.

User impact: Receipts, invoices, contracts, and transaction history may be stored and reused by the service for future accounting workflows.
Recommendation: Upload only documents intended for this accounting service and review the service’s retention, deletion, and privacy controls.