Aigroup Financial Services Openclaw Release
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (base64-block, unicode-control-chars); human review is required before treating this skill as clean.
Before installing, make sure you trust this publisher and the companion office/MCP tools you plan to use. Review the preflight/setup commands, install only needed runtimes, and avoid running the template-skill creator or document workflows on confidential files unless the local host skills and bundled binaries are acceptable for your environment. ClawScan detected prompt-injection indicators (base64-block, unicode-control-chars), so this skill requires review even though the model response was benign.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may rely on local runtimes and package installation steps when producing Office deliverables.
The documentation discloses runtime tools and package installs that are not reflected as registry requirements. These are expected for document/model generation, but users should know they are part of the operating environment.
Runtime dependencies (must be on PATH) ... `python3` ... `uvx` ... `node` ... `python-pptx` ... `pptxgenjs` ... `npm install pptxgenjs --omit=dev`
Install only the dependencies you need, prefer trusted package sources, and review any npm, uvx, pip, or shell command before running it.
Setup can run local shell commands and affect the local OpenClaw gateway process.
The quickstart asks the user to restart the gateway and run a bundled shell preflight script. This is disclosed setup behavior and aligned with installing a plugin, but it is still local command execution.
launchctl kickstart -k gui/$(id -u)/ai.openclaw.gateway bash ~/.openclaw/extensions/aigroup-financial-services-openclaw/scripts/preflight.sh
Run these commands only from a trusted checkout/install and inspect the preflight script if you are using this in a sensitive environment.
Document-generation workflows may use bundled executable components rather than only plain markdown instructions.
The bundle includes prebuilt .NET binaries/DLLs for DOCX handling. This is consistent with the advertised Office deliverable functionality, but bundled executables are a supply-chain surface users may want to review.
listed in file manifest as bundled binary: MiniMaxAIDocx.Cli (124240 bytes), with related .dll files
Use the package from the official ClawHub source you intended, and in higher-assurance environments rebuild or verify bundled binaries before relying on them.
If invoked, this workflow can create new local skill files from a PowerPoint template.
The PPT template workflow can read a user-provided template, write a generated skill directory, and use shell commands. That is central to creating a reusable template skill, but it can modify local files and future skill assets.
allowed-tools: ["Read", "Write", "Bash", "Glob"] ... Generate skill directory with assets/ and SKILL.md ... Package the skill
Use this command only with templates you trust and review the generated skill before installing or sharing it.
Your documents, models, or financial inputs may be processed by companion tools or host skills if those routes are available.
The suite discloses routing some deliverable work through companion MCP or host-provided skills. This is purpose-aligned, but financial source material may be passed to those installed local/host components.
Word -> `minimax-docx` -> `aigroup-mdtoword-mcp__markdown_to_docx` ... PPT delegates entirely to host MiniMax PPT skills
Confirm which companion MCP services and host skills are installed and trusted before using the suite with confidential materials.