v1.1.6

Simplify Budget Expense Tracker

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:36 AM.

Analysis

The skill mostly matches a budget-tracking purpose, but it can edit a Google Sheets budget with service-account credentials and includes a hardcoded fallback spreadsheet ID that deserves review before installation.

Guidance

Before installing, explicitly set SPREADSHEET_ID, GOOGLE_SA_FILE, and TRACKER_CURRENCY, and consider removing the hardcoded spreadsheet fallback from commands/exec.sh. Use a dedicated Google service account shared only with your copied Simplify Budget sheet, review the bundled scripts, and periodically check learned category aliases. I did not find artifact evidence of wallet or purchase execution despite the capability signals, but the Google Sheets edit authority is real and should be treated carefully.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
You MUST use the `exec` tool to run the bash scripts below... Every single response must begin by running the appropriate script

The skill is intentionally shell-script driven. That is coherent with its design, but it means budget questions and mutations are performed through local commands rather than a narrower API-only interface.

User impact: A budget request can cause local scripts to run and potentially change the Google Sheet.
Recommendation: Review the bundled scripts, keep confirmations for updates/deletes, and install only in an environment where running these commands is acceptable.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown
Homepage: none
Install specifications: No install spec — this is an instruction-only skill.

The package has limited provenance metadata and relies on manually installed bundled scripts. No suspicious static findings were reported, but provenance is still relevant because the scripts handle financial data and credentials.

User impact: Users have less publisher/source context when deciding whether to trust the bundled scripts.
Recommendation: Review the included files before installation and prefer a version with a clear source repository and release provenance.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
commands/exec.sh
export GOOGLE_SA_FILE="${GOOGLE_SA_FILE:-${OPENCLAW_HOME}/sa.json}"
export SPREADSHEET_ID="${SPREADSHEET_ID:-12zEXdPR9CO7tuFIRqkIM3cQJHvtKo0Q6mXitxiW2WQg}"

The dispatcher falls back to a local service-account file and a specific hardcoded spreadsheet ID, even though the setup describes SPREADSHEET_ID as required. If configuration is missing or wrong, the skill may try to read or write an unintended Google Sheet rather than stopping.

User impact: Budget entries could be sent to or looked up from the wrong spreadsheet if the environment is not explicitly configured.
Recommendation: Remove the hardcoded spreadsheet fallback, require SPREADSHEET_ID to be explicitly set, and fail closed when required environment variables are missing.
Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SETUP.md
Open your copied Google Sheet and share it with the service account email from the JSON key.

Give it editor access.

The skill requires a Google service account with edit access to the budget sheet. This is expected for logging, updating, and deleting rows, but it is a sensitive delegated permission.

User impact: Anyone or anything using that service account through the skill can modify the linked budget sheet.
Recommendation: Use a dedicated service account for only this copied budget sheet, avoid sharing broader Google Drive access, and revoke the key if you stop using the skill.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
README.md
Once the user confirms, the skill can learn that alias for future suggestions.

The skill persists category aliases for future use. This is purpose-aligned, but stored aliases can influence later categorizations and may reveal spending-category preferences.

User impact: Future expense categorization may be affected by prior learned aliases, including mistaken or unwanted ones.
Recommendation: Periodically review or clear learned aliases if categories are wrong or if you do not want the skill retaining those hints.