v1.0.0

Personal Finance

Verdict: Benign
ClawScan verdict for this skill. Analyzed May 1, 2026, 6:41 AM.

Analysis

This appears to be a coherent local finance CSV tool, but it handles sensitive transaction data and its optional output/install behavior deserves care.

Guidance: This skill looks appropriate for local CSV analysis. Before installing or using it, verify you are running the packaged files rather than unreviewed cloned code, provide only the finance CSVs you intend to analyze, and review any --output path because existing files can be overwritten.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
personal-finance.sh
if out_path.exists():
    print(f"Warning: {out_path} already exists and will be overwritten.", file=sys.stderr)
...
with out_path.open("w", newline="", encoding="utf-8") as ostream:

When --output is supplied, the script performs a local file write and will overwrite an existing output file after a warning. This is user-directed and related to categorization, but it is still a mutation of local files.

User impact: Choosing an existing or unintended output path could overwrite a local file with the categorized CSV.
Recommendation: Use a new, clearly named output path and review any agent-proposed --output path before allowing the command to run.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: Medium | Status: Note
README.md
git clone https://github.com/ppopen/personal-finance.git
cd personal-finance
chmod +x personal-finance.sh

The README suggests cloning and running code from an external GitHub repository, while the registry metadata lists the source as unknown and provides no homepage. This is user-directed setup, but users should verify they are using the reviewed artifact or a trusted pinned source.

User impact: Following the README literally could fetch code that differs from the reviewed package.
Recommendation: Prefer the packaged skill files reviewed here, or verify the GitHub repository and pin a trusted commit before running cloned code.

Human-Agent Trust Exploitation
Severity: Low | Confidence: High | Status: Note
README.md
**Safe output paths**: Script validates output paths to prevent overwrites

This safety claim is overstated relative to the script behavior shown elsewhere, which warns that an existing output path will be overwritten. The mismatch could lead a user to over-trust the overwrite protection.

User impact: A user may assume existing files cannot be overwritten when the script can overwrite an explicitly provided output file.
Recommendation: Do not rely on the README's overwrite-prevention claim; check output paths manually and avoid existing filenames.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Info | Confidence: High | Status: Note
SKILL.md
Operate on exported bank or credit-card CSVs ... required fields (`date`, `description`, `amount`, `account_number`)

The skill intentionally reads personal finance exports containing transaction details and account identifiers. This is purpose-aligned and disclosed, but the data is sensitive.

User impact: The agent and local script may process private financial history and account identifiers from the CSV files you provide.
Recommendation: Only point the skill at intended finance exports, keep the files local, and verify that account numbers are masked in any outputs you share.