Greek Banking Integration
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is purpose-aligned for processing user-provided Greek bank statements, but it handles sensitive financial data and includes optional accounting-system update/API workflows that users should invoke carefully.
This skill appears coherent and benign for file-based Greek bank statement reconciliation. Before installing or using it, make sure the data directory is protected, avoid configuring the Xero API key unless needed, and manually review any command that updates accounting systems or shares banking data with other skills.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user runs the auto-update workflow, accounting records could be changed based on parsed bank data.
The skill documents commands that can automatically update accounting records. This is aligned with reconciliation/payment tracking, but it is high-impact if run without review.
openclaw banking confirm-receipts --client-payments --auto-update-accounting
Use review, dry-run, or backup workflows before running commands that update accounting systems.
A configured Xero key may allow the agent or command workflow to create or modify accounting data in Xero.
The skill optionally uses a Xero API key for direct transaction push. That credential use is disclosed and purpose-aligned, but it grants access to a third-party accounting account.
"XERO_API_KEY": "Xero API key for direct transaction push (alternative to file export)"
Only configure XERO_API_KEY if direct Xero export is needed; use the least-privileged key available and revoke it when no longer required.
Sensitive banking and accounting data may remain on disk and may be reused in later reports or exports.
The skill directs users to place bank statement files in a persistent local data directory. This is expected for file-based processing, but those files may contain IBANs, balances, transaction histories, VAT numbers, and business relationships.
mkdir -p $OPENCLAW_DATA_DIR/banking/imports/{alpha,nbg,eurobank,piraeus}Store the data directory securely, limit access, remove old imports/exports when no longer needed, and review reports before sharing them.
Banking or personal-account data could be shared with other skills if the user invokes these integrations.
The skill documents optional coordination with other OpenClaw skills and meta-orchestration. This is plausible for accounting workflows, but it can move banking context into other workflows.
openclaw banking integrate-compliance --vat-calculations --deadline-tracking openclaw banking sync-individual-taxes --personal-account-data --expense-tracking openclaw banking coordinate-meta --enable-orchestration --business-commands
Run cross-skill coordination only when intended, and confirm what data will be shared with compliance, tax, or orchestration workflows.