Skill v0.1.0

ClawScan security

Greek Banking Integration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 21, 2026, 8:08 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
Instruction-only skill that documents how to run OpenClaw commands to parse Greek bank statement files; it requests only a data directory and jq and does not ask for unrelated credentials or perform hidden network calls.
Guidance
This skill is an instruction-only wrapper that expects the OpenClaw runtime/CLI to perform the actual parsing and reconciliation. Before installing or using it:
1) Verify you have (or trust) the OpenClaw CLI implementation that the commands call—inspect that code or its repository to confirm it has the PDF/Excel parsers you need.
2) Only set XERO_API_KEY or other API secrets if you intend to enable direct pushes; treat those as sensitive.
3) Keep OPENCLAW_DATA_DIR on a secure filesystem with restricted permissions because it will contain sensitive bank statements.
4) The README suggests installing jq via sudo—run package installs manually in a controlled environment (e.g., VM) if you are unsure.
5) If you need stronger guarantees, request source code or a vetted implementation (the homepage link is provided) and test the workflow on non-production data first.

Review Dimensions

Purpose & Capability
note: The skill's name/description (Greek bank statement parsing and reconciliation) aligns with its requirements: it needs OPENCLAW_DATA_DIR to read files and jq for simple JSON handling. Minor inconsistency: the SKILL.md claims support for PDFs/MT940/OFX/Excel parsing but the skill is instruction-only and only declares jq as a required binary—the heavy lifting appears to be expected from the OpenClaw runtime/CLI rather than the skill itself.
Instruction Scope
ok: Runtime instructions are focused on file-based processing: creating import directories, placing exported CSV/Excel/PDF files there, and running openclaw CLI commands for import/reconciliation. The instructions do not tell the agent to read unrelated system files, harvest credentials, or contact external endpoints. They do recommend installing jq via apt if missing.
Install Mechanism
note: There is no install spec (lowest risk). The SKILL.md suggests installing jq with 'sudo apt install jq', which assumes Debian-like systems—this is a usability note rather than a security red flag, but it does mean operators may run a privileged package install manually.
Credentials
ok: Only OPENCLAW_DATA_DIR is required (to host imports/exports). Optional environment variables (QUICKBOOKS_IMPORT_DIR, XERO_API_KEY) are explicitly optional and match documented export features. No unrelated secrets or multiple external credentials are requested.
Persistence & Privilege
ok: always is false and the skill is user-invocable. The skill does not request persistent privileges, nor does it modify other skills or request system-wide configuration changes.