Skill v0.1.3
ClawScan security
Find missing receipts (requires plow.co) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 12:29 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests, instructions, and included code are consistent with its stated purpose of matching Mercury CSV rows to merchant emails in connected Gmail accounts and forwarding those originals to receipts@mercury.com.
- Guidance: This skill will search any Gmail accounts that the Plow container has access to and forward matched merchant emails to receipts@mercury.com. Before installing, confirm you trust the Plow container provider (plow.co) and are comfortable granting it Gmail access, because the skill's core function requires reading and forwarding email content (which may include personal data). Review and optionally run the bundled scripts (scripts/receipts_db.py) yourself to verify behavior, and consider lowering the default cron frequency if you do not want near-continuous checking (default is every 5 minutes). Finally, if you want tighter control, ensure the agent only runs when you explicitly invoke it rather than leaving the cron enabled permanently.
Review Dimensions
- Purpose & Capability (ok): Name/description match the runtime instructions and the included scripts: the skill searches connected Gmail accounts (via Plow tools) and forwards matched merchant emails to receipts@mercury.com. It does not request unrelated credentials, binaries, or network endpoints in SKILL.md or the code.
- Instruction Scope (ok): SKILL.md confines actions to reading /workspace/receipts.db, importing a provided CSV, searching every connected Gmail account via plow_gmail_search, and forwarding with plow_gmail_forward. It explicitly forbids fabricating forwards and advises not to carry prior-run summaries in prompt context. No instructions request unrelated files, env vars, or external endpoints.
- Install Mechanism (ok): This is an instruction-only skill with bundled helper scripts; there is no install spec that downloads or writes arbitrary code to disk. The included Python script operates on a local SQLite DB and uses no external install URLs.
- Credentials (ok): The skill requires access to connected Gmail accounts (provided by a Plow container) which is proportionate to searching and forwarding receipts. It requests no unrelated environment variables or secrets. The forwarding destination (receipts@mercury.com) is explicit and appropriate for the task.
- Persistence & Privilege (note): The skill is intended to be scheduled (default cadence every 5 minutes) via the platform's openclaw cron CLI. It does not set always:true and does not modify other skills. Consider whether the default 5-minute cadence is appropriate for your privacy/noise requirements.
