Skill v1.0.0

ClawScan security

Invoice & Expense Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (scanned Mar 12, 2026, 4:28 PM)

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill's requirements and instructions are internally consistent with an on-device invoice/expense tracker: it reads/writes a local ledger, uses a local categories file, and has no network/install/credential demands.
Guidance
This skill appears to be a local-first expense tracker and is internally consistent. Before installing, consider:
1) It will create and append financial data under ./data and write backups and exports under ./exports. Ensure you install/run it in a directory you control and that file permissions meet your security needs.
2) If you store sensitive financial data, consider encrypting the folder or running the skill in an isolated environment.
3) Exported CSVs can contain sensitive info; manage them like other financial exports.
4) The skill uses approximate exchange rates and stores a default currency in metadata; confirm those settings on first use.
5) If you prefer the agent not to take actions autonomously, disable autonomous invocation in your agent settings.
If you want higher assurance, request source code (runtime logic) or run the skill in a sandbox to verify behavior.

Review Dimensions

Purpose & Capability: ok
Name/description (invoice & expense tracking) match the instructions and the included files: ledger storage, CSV export, categories.json, reporting and alerts. No unrelated credentials, binaries, or config paths are requested.

Instruction Scope: ok
SKILL.md confines operations to local files (./data/ledger.json, ./config/categories.json, ./exports/*), backup-before-write behavior, and user confirmations. It does not instruct reading unrelated system paths, environment variables, or contacting external endpoints. It clearly documents what it will write and where.

Install Mechanism: ok
Instruction-only skill with no install steps and no code to download or execute. Low installation risk.

Credentials: ok
No environment variables, credentials, or external API keys are requested. The only stored configuration is local metadata (default currency, etc.), which is proportionate to the stated purpose.

Persistence & Privilege: ok
`always` is false and the skill does not request permanent system-wide privileges. It will create and maintain local files in the current working directory, which is expected for this functionality.