Finance Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local finance skill that stores sensitive bank and transaction data on disk, so users should protect and review that data.

Install only if you are comfortable keeping bank statements and transaction history under ~/.openclaw/workspace/finance. Review parsed transactions before relying on summaries, periodically delete records or raw statements you no longer need, and protect the machine with normal local safeguards such as private accounts, trusted dependencies, backups you understand, and disk encryption where appropriate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 89%
Finding
The README explicitly encourages storing highly sensitive financial records and original bank statements on disk, but it does not warn users about retention, local access risks, backup leakage, or the need to protect those files. In a finance-oriented skill, this omission matters because users may reasonably assume 'local' means 'safe' and store bank data without understanding exposure through shared accounts, unencrypted disks, or synced home directories.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly directs persistent storage of highly sensitive financial data, including raw statements and transaction histories, in predictable local paths without any privacy warning, retention limits, access controls, or consent checkpoint. In an agent setting, this creates a real risk of quietly accumulating sensitive personal financial records that may later be exposed to other tools, users, or processes on the same system.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs the agent to append parsed statement data into a persistent transaction store as part of the normal workflow, but does not require explicit confirmation before modifying durable financial records. This is dangerous because an agent could write incorrect, duplicated, or privacy-sensitive financial entries to long-lived storage without the user's informed approval.

VirusTotal

66/66 vendors flagged this skill as clean.
