Ai Company Cfo

This skill appears to be a coherent CFO advisor/automation, but there are important red flags you should address before installing: - Credentials: The skill describes connecting to ERP, bank APIs, cloud billing and blockchain wallets but declares no required credentials. Do not provide broad system credentials casually. Prefer scoped service accounts, read-only API keys where possible, and separate credentials per integration. - Network + file permissions: The skill is allowed to read/write workspace files and access APIs. Ensure no sensitive secrets (SSH keys, cloud creds, bank API keys, .env files) are stored in the workspace. Run in a sandboxed environment first. - Subagent/mcp privileges: The skill requests sessions_send and subagents. That allows it to spawn subagents which can expand capabilities and exfiltrate data. Disable subagent creation unless you explicitly trust the publisher and need that feature. - Deletion instruction: AGENTS.md suggests deleting BOOTSTRAP.md after following it. Any instruction that suggests deleting files should be treated cautiously — verify what would be deleted and why. - Source trust: The source is 'unknown' and owner metadata is minimal. If you plan to use this for real financial operations (payments, transfers), verify the publisher, review all endpoints the skill will call, and perform an operational security review of each integration (audit logs, least-privilege credentials, multisig manual approvals, and test in staging with no real money). Recommended actions: test in an isolated sandbox; require manual approval for any action that would move money; restrict or remove mcp subagent permissions; only provide minimal, scoped credentials; and review all runtime endpoints the agent will call before granting network access.