Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Budget Builder

v1.0.2

Dual-mode budget pipeline for FP&A-quality budget management. Mode A (--build) generates an annual budget from 12 months of QBO history with auto-detected se...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The SKILL.md describes pulling data from QuickBooks Online (QBO) and producing Excel workbooks, which is coherent with the 'Budget Builder' purpose. However, the package declares no required credentials, no primary credential, and no install; yet the instructions rely on QBO access and reference a local script path (scripts/pipelines/budget-builder.py) that is not present. Legitimate QBO integration would normally require OAuth/API credentials or a documented auth flow — that is missing here.
Instruction Scope (flagged)
The instructions direct the agent to read and write local files (.cache/... JSON, CSV overrides), read a saved budget file, and pull YTD and monthly data from QBO. They also reference running a local Python script at a specific path. Because there is no shipped code and no auth description, it is unclear how the agent is expected to obtain data from QBO or execute the pipeline. The instructions allow creation of cache files and output directories (expected), but they are vague about how authentication credentials are obtained or stored.
Install Mechanism
There is no install specification and no code files — the skill is instruction-only. This reduces one class of risk (no arbitrary downloaded code), but it also creates a functional gap: the SKILL.md refers to a local script that doesn't exist. Either the skill is incomplete (missing code) or expects the user/agent to supply or download the script at runtime — the latter would be higher risk but is not documented.
Credentials (flagged)
The instructions require access to QBO data but the skill declares no environment variables or credentials. That mismatch is risky: the skill will need user credentials or OAuth tokens to read QBO, but there is no declared, scoped mechanism for providing them. The skill also writes to .cache and output directories (expected), but there is no guidance on where sensitive tokens would be stored or how long-lived they are.
Persistence & Privilege
The manifest's always flag is false and there are no install scripts, so the skill does not request permanent platform-wide privileges. It will create local cache files (.cache/budget-builder/...), which is normal behavior for this type of tool, but the lack of clarity around credential storage is notable (where would OAuth tokens be persisted?).
What to consider before installing
This skill's instructions describe pulling QuickBooks Online data and running a local Python script, but the package contains only SKILL.md and no code or documented authentication flow. Before installing or running:
1) Ask the publisher where the referenced script (scripts/pipelines/budget-builder.py) and any runtime code come from, and inspect that code yourself.
2) Confirm how QBO authentication is intended to work (OAuth vs API key), whether the skill asks the agent/user for credentials, and where tokens/credentials would be stored.
3) Never provide full admin credentials; prefer least-privilege API tokens or a documented OAuth flow.
4) If you must use this, run it in a controlled environment and check exactly what files it will read and write (the .cache and output directories).
5) If the publisher cannot provide the missing code and an authentication design, treat the skill as incomplete and avoid giving it access to your QuickBooks or other sensitive accounts.


latestvk970vjd3xagk5qfqxefnz358h583c7h0
