Client Project Manager
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is a coherent local freelance-management assistant, but it stores client and billing records persistently and grants broad local file/shell tools that users should keep scoped.
This appears reasonable for local freelance administration. Before installing, be comfortable with it creating and editing ./freelance-data/ files that may contain client contact and billing details; run it in a dedicated folder and review invoices or update drafts before sharing them.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could alter local files or run local commands outside the intended freelance-data workflow.
The skill declares local read/write/edit and shell access. This is broadly useful for local file management, but Bash is more powerful than the visible workflow requires.
allowed-tools: Read, Write, Edit, Grep, Glob, Bash
Use the skill from a dedicated work directory, keep it scoped to ./freelance-data/, and review any file changes or shell commands before relying on them.
Client names, emails, rates, hours, invoice amounts, and update content may remain on disk and be reused in future invoices or client-facing drafts.
The skill persistently stores and later reuses client contacts, project details, time entries, invoices, and update drafts.
All data is stored in `./freelance-data/` as JSON files: clients.json, projects.json, time-log.json, invoices/, updates/
Keep the data folder private, back it up appropriately, avoid storing unnecessary secrets, and review generated invoices or updates before sending them.