Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AR Collections

v1.0.2

AR Collections & Aging Analysis pipeline for QBO clients. Produces a 7-tab Excel workbook with AR aging buckets (Current/1-30/31-60/61-90/90+), DSO, collecti...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, description, and runtime instructions consistently describe an AR Collections & Aging pipeline that pulls QBO data, computes metrics, and writes an Excel workbook and a local CDC cache. That purpose aligns with the commands shown (python script, node QBO client). However, the skill metadata declares no required credentials, binaries, or config paths even though the instructions explicitly require a Node.js QBO client to be authenticated and a local repository layout (scripts/pipelines/ar-collections.py, clients/{slug}/sop.md). This mismatch (expected QBO credentials and local scripts vs. declared 'none') is an incoherence.
Instruction Scope
SKILL.md instructs the agent/operator to run a local Python script (scripts/pipelines/ar-collections.py), call a Node.js QBO client (node bin/qbo info {slug}), read clients/{slug}/sop.md and write outputs to reports/... and .cache/ar-collections/{slug}.json. Those actions are within the stated purpose, but the skill gives the agent broad discretion to read and write repository files and caches and to contact QBO via the node client — none of which are declared in the skill metadata. Also, the actual script files are not included in the skill bundle; the instructions assume they exist in the runtime environment. This could cause failures or unexpected behavior if the runtime environment differs, and it hides required credentials and file access from the metadata.
Install Mechanism
Instruction-only skill (no install spec, no code files) — lower install risk because nothing is written by the skill bundle itself. The README suggests pip installing openpyxl and requires an authenticated Node.js QBO client; those are normal for this pipeline but are not enforced or declared in metadata. Because the skill will rely on external, out-of-band tooling and repo files, the installation/operational burden is on the host environment rather than the skill — this is expected but should be explicit.
Credentials
The pipeline needs authenticated access to QBO via a Node.js client, which implies API keys/tokens or OAuth credentials, but the skill declares no required environment variables or primary credential. That omission is disproportionate: a QBO-integrating pipeline should declare the type of credential it uses (and any config paths) so operators can review before enabling. The instructions also allow writing to .cache/ and reports/ without declaring or gating file paths.
Persistence & Privilege
The always flag is false and there is no install-time modification of other skills or global agent settings. The pipeline writes to its own .cache and reports directories and suggests updating CLIENT_AR_CONFIG or clients/{slug}/sop.md, which is normal for a repo pipeline but does mean it will modify repository files if run with write permissions. That behavior is scoped to the project; it does not request elevated platform privileges in the metadata.
What to consider before installing
Before installing or invoking this skill, verify these points: (1) The skill assumes you have an existing repository with scripts/pipelines/ar-collections.py and a Node.js QBO client; the skill bundle does not include these files. Do not run it unless those scripts and the QBO client exist and have been reviewed. (2) QBO access requires credentials (API keys or OAuth tokens); the skill does not declare or explain the required env vars. Provide only least-privilege credentials scoped to reading AR data, and audit and rotate them. (3) The pipeline will read clients/{slug}/sop.md, may update CLIENT_AR_CONFIG, and will write .cache/ar-collections/{slug}.json and reports/ files; confirm you are comfortable with those repository writes and with any PII in the outputs. (4) Run it first in a sandboxed environment or against a QBO sandbox to confirm its behavior and outputs. (5) If you intend to let an autonomous agent invoke this skill, restrict its permissions and network access and require an explicit review step before it runs against production credentials. If the author can provide the missing script files or document exactly what credentials and config are needed, re-evaluate; as it stands, the omission of declared credentials and the assumption of local scripts make the skill's runtime requirements unclear.



