Norman: Manage Clients
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is clearly for managing Norman Finance client records, but it can read and change business client data through the Norman Finance MCP.
This skill appears appropriate if you want the agent to manage Norman Finance client records. Install or enable it only for the correct Norman Finance workspace, and confirm any create or update action before it is applied.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can list, create, or update client records; mistaken instructions or missing confirmation could alter business client data.
The skill instructs the agent to use tools that read and mutate the client database. This is aligned with the stated purpose, but these are business-record actions that should remain user-directed.
- Call `list_clients` to show all clients ... When creating a client with `create_client` ... Call `update_client` with only the fields that need changing
Review client details before any create or update action, and consider requiring explicit final confirmation for new client creation as well as updates.
If connected to the wrong Norman Finance account or workspace, the agent could expose or change the wrong client records.
The skill depends on the Norman Finance MCP, so its actions likely run under a connected Norman Finance account or workspace. This is expected for the integration, but it is delegated account access.
requires:
mcp:
- norman-financeBefore use, verify the connected Norman Finance MCP account, workspace, and permissions match the client database you intend to manage.