KSeF Accountant (Polish)
v2.2.6Asystent ksiegowy Krajowego Systemu e-Faktur (KSeF) w jezyku polskim. Uzyj przy pracy z KSeF 2.0 API, fakturami FA(3), zgodnoscia z polskim VAT, przetwarzaniem e-faktur, dopasowywaniem platnosci, rejestrami VAT (JPK_V7), fakturami korygujacymi, mechanizmem podzielonej platnosci (MPP) lub polskimi przeplywami ksiegowymi. Dostarcza wiedze domenowa do wystawiania faktur, przetwarzania zakupow, klasyfikacji kosztow, wykrywania fraudu i prognozowania cash flow w ekosystemie KSeF.
⭐ 0· 1.8k·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (KSeF accounting assistant) matches the content: domain guidance, API examples, FA(3) XML examples, workflows and ML design patterns. Declared optional env vars (KSEF_TOKEN, KSEF_ENCRYPTION_KEY, KSEF_BASE_URL) are directly related to integrating with the KSeF API and are reasonable for this scope. No unrelated binaries, credentials, or install steps are requested.
Instruction Scope
SKILL.md and reference docs are instruction-only and repeatedly state they contain examples and must not execute code. The instructions do not direct the agent to read arbitrary host files, system-level config, or transmit data to unexpected endpoints. They explicitly instruct users to verify platform metadata before supplying secrets and to use DEMO by default.
Install Mechanism
No install spec and no included executable code — the skill is pure Markdown with examples. This is the lowest-risk install mechanism and matches the skill's claim of being instruction-only.
Credentials
Environment variables are declared as optional, marked secret, and clearly documented (token, encryption key, base URL). Their presence is proportionate to the function (auth to KSeF, local token encryption). The skill does not require unrelated credentials or high privilege environment paths. The SKILL.md warns users not to paste secrets into conversation and to verify platform handling of secrets.
Persistence & Privilege
The skill declares disableModelInvocation in both frontmatter and skill.json and is not always-enabled; it does not request autonomous invocation. Because the skill is instruction-only and contains no install operations, it does not persist code or modify platform configuration. Note: enforcement of disableModelInvocation depends on the hosting platform (the skill cannot enforce it itself).
Assessment
This skill is an instruction-only KSeF accounting guide and appears internally consistent, but it relies on platform controls to be safe. Before installing: 1) After adding the skill, check the platform's registry view and confirm disable-model-invocation (or equivalent) is set to true and that KSEF_TOKEN / KSEF_ENCRYPTION_KEY are registered as secrets; if the platform shows them as unset or not secret, do NOT provide tokens. 2) Prefer using the demo base URL and test workflows before any production integration. 3) Never paste tokens, keys, or certificates into the chat; use the platform's secret store or a vault and ephemeral/session secrets where possible. 4) If registry metadata shown by the platform differs from the skill's skill.json/frontmatter, treat the skill as higher risk and contact your platform provider. Following those checks makes using this skill appropriate for its stated purpose.Like a lobster shell, security has layers — review code before you run it.
accountingvk973gt5wckjk75mjrdnv5960bd80zsg6einvocingvk976ywf7d7q52etsv8bp4xp43180zvxceinvoicingvk973gt5wckjk75mjrdnv5960bd80zsg6invoicingvk976ywf7d7q52etsv8bp4xp43180zvxcksefvk973gt5wckjk75mjrdnv5960bd80zsg6latestvk973gt5wckjk75mjrdnv5960bd80zsg6polandvk973gt5wckjk75mjrdnv5960bd80zsg6polishvk973gt5wckjk75mjrdnv5960bd80zsg6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.