Skill v1.1.0

ClawScan security

KPI Alert System · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 18, 2026, 12:15 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose (KPI monitoring with QBO/Sheets/CSV inputs and alerts) is reasonable, but the runtime instructions assume external CLI/tools and credentials that are not declared in the skill metadata — the bundle lacks transparency about dependencies and credential handling.
Guidance
This skill appears to do what it says, but there are transparency gaps you should resolve before installing:
1) Ask the author which binaries or other skills must be present (specifically the 'qbo' and 'gog' CLIs referenced).
2) Confirm how QuickBooks and Google Sheets credentials are provided and stored (platform secrets or other skill-managed auth), and avoid embedding credentials/webhooks directly in YAML if possible.
3) Review any Slack/Telegram webhook or target values to ensure they point to channels you control and do not leak sensitive info.
4) If you plan to run scheduled checks, verify cron permissions and that the agent will not receive broader access than necessary.
If the author cannot clarify the dependency/credential handling, treat installation as higher risk.

Review Dimensions

Purpose & Capability
Rating: note
The skill claims to connect to QuickBooks Online and Google Sheets and to send alerts via Telegram/Slack/email — those capabilities match the description. However, the SKILL.md shows shell commands calling 'qbo' and 'gog' CLIs (and writing/reading /tmp files), but the registry metadata lists no required binaries or credentials. That mismatch means the skill implicitly depends on external tools or other skills without declaring them.
Instruction Scope
Rating: concern
Instructions include concrete shell examples that read and write local files (/tmp/*.json and CSV paths), run 'qbo' and 'gog' commands, and instruct posting to Slack/Telegram. They do not instruct where QuickBooks or Google auth comes from (no env vars shown) and rely on user-supplied webhooks/targets inside YAML. The instructions do not request unrelated secrets, but they are vague about how credentials are supplied and which external tools are expected to be present.
Install Mechanism
Rating: ok
This is an instruction-only skill with no install spec and no code files. That minimizes install-time risk (nothing is downloaded or executed by an installer).
Credentials
Rating: concern
The skill requires access to QuickBooks and Google Sheets data in practice, but the skill metadata declares no required environment variables or primary credential. The example config embeds webhooks/targets directly (Slack webhook URL placeholder). The absence of declared credentials reduces transparency: users need to know where QBO/Sheets credentials are stored (platform secrets, other skills, system env) before trusting this skill.
Persistence & Privilege
Rating: ok
The 'always' flag is false and the skill does not request permanent/automatic inclusion. The SKILL.md suggests using platform cron for scheduling, which is reasonable. There is no instruction to modify other skills or system-wide settings.