Firefly III
Security checks across malware telemetry and agentic risk
Overview
This instruction-only finance skill is coherent, but it asks the agent to use an undeclared Firefly personal access token and can create or change sensitive finance records without explicit safeguards.
Use this skill only if you are comfortable giving the agent access to your Firefly III financial data. Store the token securely, use the least-privileged token available, and require the agent to show and confirm any create or update request before it changes your records.
VirusTotal
0 of 64 VirusTotal vendors flagged this skill; all 64 reported it clean. This is a static antivirus verdict on an instruction-only artifact with no installable code, so it says nothing about what the instructions direct the agent to do; the risk analysis below covers that.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using these instructions could create incorrect transactions, budgets, recurring entries, or categorization rules in the user's Firefly III instance if it acts on an ambiguous request.
The skill documents direct write calls for transactions, budget limits, and automation rules. These actions are purpose-aligned, but they can materially alter a user's finance records and the instructions do not require explicit confirmation or bounded execution before writes.
curl -X POST "$BASE/transactions" ...
curl -X POST "$BASE/budgets/{id}/limits" ...
curl -X POST "$BASE/rules"

Require an explicit user confirmation step before any POST/PUT/PATCH/DELETE action, show the exact endpoint and payload first, and prefer read-only operations unless the user clearly asks for a change.
Anyone or any agent process with access to the token file may be able to read or modify the user's Firefly III financial records depending on the token's permissions.
The skill requires a Firefly III personal access token for authenticated API access, while the registry metadata declares no required environment variables and no primary credential. This under-discloses the account authority needed for the skill.
Required environment:
- `FIREFLY_URL`: Base URL ...
- `FIREFLY_TOKEN`: Personal Access Token (stored at `~/.firefly_token`)
Declare the Firefly URL and token as required configuration, document the minimum permissions needed, protect the token file, and use a limited or read-only token when write access is not needed.
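The two recommendations above (confirm every write after showing the exact endpoint and payload; protect the token file and load it only when it is safe to do so) can be enforced by the agent runtime rather than left to the skill's prose. The following is an added example written for this review, not code from the skill, from ClawScan, or from the Firefly III project. It assumes the skill's documented configuration (a base URL in FIREFLY_URL and a personal access token in ~/.firefly_token), a hypothetical confirm() callback that shows the user a preview and returns True only on an explicit yes, and an invented transaction payload; the endpoint paths follow the page's curl examples.

```python
"""Write gate and token-file check for an agent driving the Firefly III API.

Added example for this review; not code from the skill, ClawScan, or Firefly III.
Assumes the skill's documented config (FIREFLY_URL, token in ~/.firefly_token) and a
hypothetical confirm() callback supplied by the agent runtime. Payload is constructed.
"""
import json
import os
import stat
import tempfile
from pathlib import Path
from typing import Callable, Optional

READ_METHODS = {"GET", "HEAD", "OPTIONS"}
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


class GateError(Exception):
    """Raised when the token file fails a hygiene check."""


def check_token_file(path: Path) -> str:
    """Return the token only if the file is a regular file we own with mode 0600 or stricter."""
    st = path.lstat()  # lstat: a symlink planted at the expected path is refused, not followed
    if not stat.S_ISREG(st.st_mode):
        raise GateError(f"{path}: not a regular file")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        raise GateError(f"{path}: not owned by the current user")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise GateError(f"{path}: mode {oct(st.st_mode & 0o777)} is readable by group/other; expected 0600")
    token = path.read_text(encoding="utf-8").strip()
    if not token:
        raise GateError(f"{path}: token file is empty")
    return token


def describe_request(method: str, base: str, path: str, payload: Optional[dict]) -> str:
    """Render exactly what would be sent; this text is what the user confirms."""
    lines = [f"{method} {base.rstrip('/')}/{path.lstrip('/')}"]
    if payload is not None:
        lines.append(json.dumps(payload, indent=2, sort_keys=True))
    return "\n".join(lines)


def gate_request(method: str, base: str, path: str, payload: Optional[dict] = None, *,
                 allow_writes: bool, confirm: Callable[[str], bool]) -> dict:
    """Decide whether the agent may send the request.

    Reads pass. Writes pass only when the user actually asked for a change
    (allow_writes) and then confirms the exact endpoint-and-payload preview.
    The caller must send nothing unless result["allowed"] is True.
    """
    method = method.upper()
    preview = describe_request(method, base, path, payload)
    if method in READ_METHODS:
        return {"allowed": True, "reason": "read-only", "preview": preview}
    if method not in WRITE_METHODS:
        return {"allowed": False, "reason": f"unsupported method {method}", "preview": preview}
    if not allow_writes:
        return {"allowed": False, "reason": "write attempted but the user did not ask for a change", "preview": preview}
    if not confirm(preview):
        return {"allowed": False, "reason": "user declined after seeing endpoint and payload", "preview": preview}
    return {"allowed": True, "reason": "user confirmed the exact request", "preview": preview}


def demo() -> dict:
    """Constructed walk-through: a temporary token directory and four sample requests."""
    tmp = Path(tempfile.mkdtemp(prefix="firefly-gate-"))
    good = tmp / "firefly_token"          # stands in for ~/.firefly_token
    good.write_text("CONSTRUCTED-sample-token-not-real\n", encoding="utf-8")
    good.chmod(0o600)
    loose = tmp / "firefly_token_loose"   # same token, but world-readable
    loose.write_text("CONSTRUCTED-sample-token-not-real\n", encoding="utf-8")
    loose.chmod(0o644)

    out = {"good_token_loaded": check_token_file(good) == "CONSTRUCTED-sample-token-not-real"}
    try:
        check_token_file(loose)
        out["loose_rejected"] = False
    except GateError:
        out["loose_rejected"] = True

    base = "https://firefly.example.invalid/api/v1"   # assumed FIREFLY_URL value
    # Payload shaped like a Firefly III transaction store call; every value is invented.
    txn = {"transactions": [{"type": "withdrawal", "date": "2024-05-01", "amount": "12.50",
                             "description": "Coffee", "source_id": "1", "destination_id": "2"}]}
    never = lambda preview: False
    # A confirm callback that says yes only if the preview shows the payload the user expects.
    careful = lambda preview: "POST " in preview and '"amount": "12.50"' in preview

    out["read"] = gate_request("GET", base, "/accounts", allow_writes=False, confirm=never)
    out["write_unrequested"] = gate_request("POST", base, "/transactions", txn, allow_writes=False, confirm=never)
    out["write_confirmed"] = gate_request("POST", base, "/transactions", txn, allow_writes=True, confirm=careful)
    out["delete_declined"] = gate_request("DELETE", base, "/rules/1", allow_writes=True, confirm=never)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result if isinstance(result, bool) else result["reason"])
```

The gate only helps if every Firefly III call the agent makes goes through it and the raw token never reaches the model's context; if the skill is allowed to run curl directly with `$FIREFLY_TOKEN`, the confirmation step can be skipped. Under a runtime that routes tool calls through a wrapper like this, the model never sees the token and cannot issue a write without the user seeing the same preview it does.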
Without a named upstream, users have no straightforward way to verify that the API examples and token-handling advice match the official Firefly III project documentation.
The registry does not identify an upstream source or homepage for these finance-management instructions. There is no installable code, so this is a provenance note rather than a code supply-chain concern.
Source: unknown
Homepage: none
Verify the endpoints and token-handling advice against official Firefly III documentation before granting the skill write-capable API access.
