Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ledgi

v1.0.0

Interact with the user's Ledgi personal finance data. Use when the user asks about their accounts, balances, net worth, holdings, investments, ISA allowances...

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The skill's functions (listing accounts, holdings, snapshots, upserts) align with a personal-finance CLI. However, the registry metadata declares no required environment variables or primary credential while the SKILL.md explicitly requires LEDGI_API_KEY / ledgi login. That mismatch between declared requirements and actual runtime needs is incoherent.
Instruction Scope (flagged)
SKILL.md stays focused on Ledgi CLI commands and JSON file formats, which is appropriate. But it also instructs installing the CLI via a curl | bash pipeline from a raw GitHub URL. The allowed-tools list only permits Bash(ledgi *) and Bash(echo *), so the install instruction references tools/actions (downloading and executing a remote script) that are outside the skill's declared runtime allowances — an inconsistency and security risk.
Install Mechanism (flagged)
There is no formal install spec in the registry, yet SKILL.md tells users to run 'curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash' (download-and-execute). Piping an install script from a raw URL into a shell is high risk unless the source is trusted and verified; the skill should instead declare a vetted install method or include a package reference. The absence of an install spec plus an explicit remote install command is disproportionate.
Credentials (flagged)
The skill requires an API key (LEDGI_API_KEY or passing --api-key) per SKILL.md, but the registry lists no required env vars or primary credential. Requiring secret credentials for the user's personal finance data is expected for this purpose, but failing to declare them in metadata is an incoherence and a practical risk (users may not realize what secrets will be needed or transmitted).
Persistence & Privilege
The skill does not request persistent or elevated platform privileges: the always flag is false, it is user-invocable, and there is no install spec that writes to system-wide locations. Autonomous invocation is allowed (the default) but is not by itself a new concern here.
What to consider before installing
Before installing or enabling this skill:

  • Ask the publisher for a homepage or official repository to verify the ledgi-cli project and inspect the install script.
  • Do not run curl | bash from an unknown source — prefer an official release, package, or repository you inspected.
  • Expect the skill to need your LEDGI_API_KEY (a secret); only provide it if you trust the service and understand the API scopes.
  • Confirm the CLI and API endpoints are legitimate and that you control the API key (do not paste keys into third-party UIs).
  • Ask the skill author to correct the registry metadata to declare required env vars and to provide a safe, auditable install mechanism; the current mismatches are the main reason for concern.
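The two mismatch classes the scan reports (a credential the SKILL.md needs but the metadata never declares, and an install command that no allowed-tools pattern would permit) can be checked mechanically. The linter below is an added example, not ClawHub's or Ledgi's code; the SKILL.md excerpt and registry metadata are constructed from this page, and the metadata field names required_env and allowed_tools are assumptions, not a published schema.

```python
"""Lint a skill's SKILL.md against its registry metadata (added example, not
ClawHub's or Ledgi's code). Reports credential env vars the text needs but the
metadata omits, and fenced commands outside the declared allowed-tools globs."""
import re
from fnmatch import fnmatch

F = "`" * 3  # markdown fence, spelled this way so the sample stays embeddable
# Constructed excerpt of the page's SKILL.md, commands fenced as in a real file.
SKILL_MD = f"""\
The ledgi CLI must be installed. If not, install with:
{F}bash
curl -fsSL https://raw.githubusercontent.com/LedgiApp/ledgi-cli/main/install.sh | bash
{F}
The LEDGI_API_KEY environment variable must be set.
{F}bash
ledgi accounts list --type isa_stocks  # Filter by type
{F}
"""
# Constructed metadata (field names assumed) mirroring the page: no required
# env vars declared, allowed tools limited to two Bash(<glob>) patterns.
METADATA = {"required_env": [], "allowed_tools": ["Bash(ledgi *)", "Bash(echo *)"]}
FENCE_RE = re.compile(r"`{3}[^\n]*\n(.*?)`{3}", re.S)
ENV_VAR_RE = re.compile(r"\b([A-Z][A-Z0-9]*_(?:API_KEY|TOKEN|SECRET))\b")
PIPE_TO_SHELL_RE = re.compile(r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z|da)?sh\b")
TOOL_RE = re.compile(r"^Bash\((.+)\)$")

def fenced_commands(skill_md):
    """One command per non-empty fenced line, trailing '# comment' removed."""
    cmds = []
    for block in FENCE_RE.findall(skill_md):
        for line in block.splitlines():
            cmd = re.sub(r"\s+#.*$", "", line).strip()
            if cmd:
                cmds.append(cmd)
    return cmds

def tool_allowed(cmd, allowed_tools):
    """True if some Bash(<glob>) entry matches the whole command string."""
    globs = [m.group(1) for m in map(TOOL_RE.match, allowed_tools) if m]
    return any(fnmatch(cmd, g) for g in globs)

def lint(skill_md, metadata):
    """Findings a reviewer would raise, keyed by the mismatch class."""
    declared = set(metadata.get("required_env", []))
    cmds = fenced_commands(skill_md)
    return {
        "undeclared_env": sorted(set(ENV_VAR_RE.findall(skill_md)) - declared),
        "outside_allowed_tools": [c for c in cmds if not tool_allowed(c, metadata["allowed_tools"])],
        "pipe_to_shell": [c for c in cmds if PIPE_TO_SHELL_RE.search(c)],
    }
```

Run against the constructed excerpt, it reports LEDGI_API_KEY as undeclared and flags the curl line both as a pipe-to-shell install and as a command no Bash(ledgi *) or Bash(echo *) pattern covers, while the ledgi command passes.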

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

SKILL.md

Ledgi CLI Skill

You can interact with the user's Ledgi personal finance tracker using the ledgi CLI. All financial data is accessed through the Ledgi Agent API.

Prerequisites

  • The ledgi CLI must be installed. If not, install with:
    curl -fsSL https://raw.githubusercontent.com/LedgiApp/ledgi-cli/main/install.sh | bash
  • The LEDGI_API_KEY environment variable must be set, or the user must have run ledgi login --api-key ledgi_sk_...

If a command fails with an auth error, ask the user to set their API key.

Core workflows

Read financial data

ledgi accounts list                    # All accounts
ledgi accounts list --type isa_stocks  # Filter by type
ledgi holdings list                    # All investment holdings
ledgi holdings list --account-id ID    # Holdings in one account
ledgi networth summary                 # Net worth breakdown
ledgi snapshots list                   # Historical snapshots
ledgi isa summary                      # ISA allowance and usage

All commands return JSON by default. Use --output table for human-readable output when displaying to the user.

Create or update accounts

For a single account:

ledgi accounts upsert --name "Monzo Current" --type current --balance 2500 --currency GBP --institution Monzo

For multiple accounts, write a JSON file then bulk-upsert:

ledgi accounts bulk-upsert --file /tmp/accounts.json

See schemas.md for JSON file formats.

Create or update holdings

Write a JSON file then bulk-upsert:

ledgi holdings bulk-upsert --file /tmp/holdings.json

Take a net worth snapshot

ledgi snapshots create
ledgi snapshots create --date 2026-01-31

Log an ISA deposit

ledgi isa deposit --account-id ACCOUNT_ID --amount 5000 --date 2026-02-24

Valid account types

Use these exact values for the --type flag:

  • Cash: cash, current, savings, premium_bonds
  • ISA: isa_cash, isa_stocks, isa_lifetime, isa_innovative
  • Pension: pension, pension_workplace, pension_sipp, pension_state
  • Investment: investment, crypto_wallet
  • Property: property
  • Debt: credit_card, loan, mortgage, student_loan
  • Other: other_asset, other_liability

Error handling

  • 401 Unauthorized: API key is missing or invalid. Ask the user to check their key.
  • 403 Forbidden: The API key doesn't have the required scope. Tell the user which scope is needed.
  • 404 Not Found: The referenced resource doesn't exist.
  • 422 Validation Error: Invalid input. Check the account type or required fields.

Important notes

  • Always use --output table when showing results to the user for readability.
  • When creating accounts, include --external-id for idempotency so re-running won't create duplicates.
  • Monetary values are in the account's currency (default GBP).
  • The --date flag uses YYYY-MM-DD format.

For full command reference, see commands.md. For JSON file schemas, see schemas.md.