Skill v1.0.0

ClawScan security

PL Report Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 15, 2026, 1:15 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions match a report-generator purpose but omit the runtime dependencies and the credentials that its data sources and distribution channels require, so its runtime expectations are inconsistent and the skill could gain unexpected access to sensitive financial data.
Guidance
This skill's instructions look like a workable report pipeline, but they omit critical operational details. Before installing or running it, ask the provider for: (1) a full list of required runtimes and libraries (Python, matplotlib, numpy, sqlite3, any CLI tools), (2) the exact credentials or auth flows used for Google Sheets / QuickBooks / email / messaging, and (3) where PDFs and raw financial files will be stored and who can access them. Only run the skill in a controlled environment (non-production) until you confirm dependency and credential handling. If you cannot get that information, treat the skill as risky for sensitive financial data and prefer a vetted implementation or a skill that declares explicit install and credential requirements.
Findings
[no_regex_findings] expected: The static scanner found nothing to analyze because this is an instruction-only skill with no code files. That is expected, but absence of findings does not mean the instructions are complete or safe.

Review Dimensions

Purpose & Capability
concern: The SKILL.md describes extracting data, running Python processing scripts, generating charts with matplotlib, rendering PDFs, and distributing reports. The registry metadata declares no required binaries, no install step, and no credentials. Running the provided examples requires Python, matplotlib, numpy, a CSV/SQLite client, and credentials or CLIs for Google Sheets, QuickBooks, email and instant messaging; none of these is declared, so the listed requirements are inconsistent with the stated purpose.
Instruction Scope
concern: The instructions explicitly tell the agent to read local financial files (reports/raw/...), run sqlite3 queries, call a Google Sheets CLI, and finally distribute reports via email or messaging. They reference other skills (QBO) and external endpoints implicitly but neither constrain nor document which credentials or endpoints will be used, which grants the agent broad discretion to access and transmit sensitive financial data without declared boundaries.
Install Mechanism
note: There is no install spec (instruction-only), which reduces supply-chain risk. However, the skill includes executable examples (bash, python) that require specific runtimes and libraries; the skill neither documents nor installs those dependencies, leaving an operational gap the integrator must close.
Credentials
concern: The skill declares no required environment variables or credentials, yet the workflow implies API keys or credentials for QuickBooks and Google Sheets, email/SMTP or messaging tokens, and access to local file paths containing sensitive P&L data. The absence of declared credentials is disproportionate to the actions the skill instructs the agent to perform.
Persistence & Privilege
ok: The skill does not request always-on presence (always: false) and does not appear to modify other skills or system-wide settings. Autonomous invocation is permitted by default but is not combined with other high privileges here.
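The coherence test that the Purpose & Capability and Credentials findings apply by hand, written out as an added example (this is not ClawHub's scanner and not the skill's own code): parse a SKILL.md, pull the runtimes, CLIs, third-party imports and environment variables out of its fenced bash and python examples, and diff them against what the metadata declares. The frontmatter fields (requires.binaries, requires.env, requires.install) and the sample SKILL.md embedded in the script are assumptions constructed for the demo; ClawHub's real metadata schema is not shown on this page.

```python
"""Coherence check for an instruction-only skill: do the runtimes, CLIs, third-party
Python modules and credentials its fenced examples use match what its metadata declares?
Added example, not ClawHub's scanner; the frontmatter schema and SKILL.md are assumptions."""
import re
import sys

# Constructed SKILL.md modelled on the reviewed skill (not the real file).  Tilde
# fences are used only so the sample can sit inside a backtick-fenced listing.
SAMPLE_SKILL_MD = """---
name: pl-report-generator
always: false
requires:
  binaries: []
  env: []
  install: null
---
~~~bash
sqlite3 reports/raw/ledger.db "select account, sum(amount) from txns group by account" > reports/raw/pl.csv
gsheets pull --sheet "$GSHEET_ID" --out reports/raw/budget.csv
python3 scripts/build_report.py && echo done
~~~
~~~python
import os
import sqlite3
import smtplib
import numpy as np
import matplotlib.pyplot as plt
smtp = smtplib.SMTP(os.environ["SMTP_HOST"])
smtp.login(os.getenv("SMTP_USER"), os.environ["SMTP_PASSWORD"])
~~~
"""

FENCE_RE = re.compile(r"^(`{3}|~{3})\s*([\w+-]*)\s*$")
META_RE = re.compile(r"^\s*(binaries|env|install):\s*(.*)$", re.M)
ENV_SHELL_RE = re.compile(r"\$\{?([A-Z][A-Z0-9_]{2,})\}?")
ENV_PY_RE = re.compile(r"(?:environ\[|getenv\()\s*['\"]([A-Z][A-Z0-9_]{2,})['\"]")
IMPORT_RE = re.compile(r"^\s*(?:from\s+([\w.]+)\s+import|import\s+([\w.]+))")
CRED_RE = re.compile(r"KEY|TOKEN|SECRET|PASS|AUTH|CRED")
SHELL_NOISE = {"cd", "echo", "export", "set", "cat", "ls", "mkdir", "rm", "cp", "mv"}
STDLIB = getattr(sys, "stdlib_module_names", frozenset({"os", "sys", "re", "sqlite3", "smtplib"}))

def parse_frontmatter(text):
    """Return the declared requirements from the assumed frontmatter block."""
    declared = {"binaries": set(), "env": set(), "install": None}
    head = text.split("---", 2)[1] if text.startswith("---") else ""
    for key, value in META_RE.findall(head):
        value = value.strip()
        if key == "install":
            declared["install"] = None if value in ("", "null", "~") else value
        else:
            declared[key] = {v.strip(" '\"") for v in value.strip("[]").split(",") if v.strip(" '\"")}
    return declared

def code_blocks(text):
    """Yield (language, body) for every fenced block, backtick or tilde."""
    fence, lang, body = None, None, []
    for line in text.splitlines():
        m = FENCE_RE.match(line)
        if fence is None:
            if m:
                fence, lang, body = m.group(1), m.group(2).lower() or "text", []
        elif m and m.group(1) == fence:
            yield lang, "\n".join(body)
            fence = None
        else:
            body.append(line)

def observed_usage(text):
    """Collect the binaries, Python modules and env vars the examples actually use."""
    used = {"binaries": set(), "modules": set(), "env": set()}
    for lang, body in code_blocks(text):
        if lang in ("bash", "sh", "shell"):
            for line in body.splitlines():
                for seg in re.split(r"\|\||&&|[|;]", line):
                    words = seg.split()
                    while words and "=" in words[0]:      # skip VAR=value prefixes
                        words.pop(0)
                    if words and words[0] not in SHELL_NOISE:
                        used["binaries"].add(words[0])
                used["env"].update(ENV_SHELL_RE.findall(line))
        elif lang in ("python", "py"):
            used["binaries"].add("python3")               # the interpreter itself
            for line in body.splitlines():
                if m := IMPORT_RE.match(line):
                    used["modules"].add((m.group(1) or m.group(2)).split(".")[0])
                used["env"].update(ENV_PY_RE.findall(line))
    return used

def check_skill(text):
    """Diff declared requirements against observed usage and report the gaps."""
    declared, used = parse_frontmatter(text), observed_usage(text)
    third_party = {m for m in used["modules"] if m not in STDLIB}
    undeclared_env = sorted(used["env"] - declared["env"])
    report = {
        "undeclared_binaries": sorted(used["binaries"] - declared["binaries"]),
        # third-party imports count as declared only when an install spec exists
        "undeclared_modules": sorted(third_party) if declared["install"] is None else [],
        "undeclared_env": undeclared_env,
        "credential_env": [v for v in undeclared_env if CRED_RE.search(v)],
    }
    report["coherent"] = not any(report.values())
    return report

if __name__ == "__main__":
    print(check_skill(SAMPLE_SKILL_MD))
```

Run on the sample, the check reports every binary (gsheets, python3, sqlite3), both third-party modules and all four environment variables as undeclared, with SMTP_PASSWORD singled out as credential-shaped; fill in the three frontmatter fields and the same check returns coherent. Anything it flags is a question to put to the provider before the agent is given access to the raw P&L files.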