Family Financial Planner

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent financial-planning dashboard skill with no artifact-backed malicious behavior, but it handles sensitive family financial details and includes one remote font dependency.

This skill appears safe to use for its stated purpose, but treat the generated dashboard as a sensitive financial document. Keep it private, verify important financial assumptions independently, and remove or accept the Google Fonts dependency if you need a fully offline file.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning (severity: Low)
What this means

Your household income, assets, debts, expenses, and decision scenarios may be embedded in the generated dashboard.

Why it was flagged

The workflow asks for detailed household income, assets, debts, and expenses, then turns them into a persistent HTML dashboard. This is purpose-aligned, but the generated file will contain sensitive financial context.

Skill content
Monthly income: pre-tax salary, take-home salary, passive income... Liquid assets: deposits, stocks/funds, wealth-management products... Fixed assets... Liabilities... Generate a complete single-file HTML dashboard
Recommendation

Provide only necessary details, avoid unnecessary personal identifiers, and store or share the generated HTML file only with trusted people.

ASI04: Agentic Supply Chain Vulnerabilities (severity: Low)
What this means

Opening the generated dashboard may make an external request to Google Fonts, so the file is not completely offline as the skill describes it.

Why it was flagged

The dashboard template loads a remote Google Fonts stylesheet. This is a minor external dependency and appears design-related, but it conflicts with the skill's stated zero-external-dependency design.

Skill content
<link href="https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500;600;700&family=IBM+Plex+Mono:wght@400;500&display=swap" rel="stylesheet">
Recommendation

Use bundled or system fonts for a fully offline dashboard, or clearly disclose the remote font dependency to users.