Rapprochement Bancaire
ReviewAudited by ClawScan on May 12, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Before installing, be aware that this skill reads sensitive local bank and invoice data and can update payment status in followup.md. It appears well-scoped and instruction-only, but you should run it for explicit client/month reconciliation tasks and review generated CSV and followup changes. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A reconciliation run can mark invoices as paid or possibly paid, which may affect accounting follow-up decisions.
The skill authorizes local file mutations in accounting workflow files, including payment-status updates, but the writes are disclosed and limited to reconciliation outputs and one followup.md column.
Écrire `clients/<slug>/<AAAA>/<MM>/rapprochement.csv` ... Mettre à jour la colonne « Statut paiement » de `followup.md` pour les matches `fort` et `moyen`.
Run it only for the intended client and month, and review the generated CSV and followup.md changes, especially medium-confidence matches.
The skill will process sensitive financial information and create local reconciliation artifacts that may reveal transaction and invoice details.
The skill reads sensitive bank statements, invoice indexes, and client accounting files, then creates derived local records. It also includes a privacy guardrail for logs.
Charger les transactions depuis `clients/<slug>/<AAAA>/<MM>/bank-statements/` ... Charger les factures du mois ... depuis `index.json` ... `Pas de PII dans les logs`
Use it only in a trusted workspace, protect the generated CSV/log files, and verify logs do not include raw transaction labels or IBANs.
If a match is wrong, it could affect a later reminder or accounting follow-up outside the current month.
A reconciliation for one transaction month may update the followup file for the invoice’s original month and clear a reminder field when a payment is considered confirmed.
Trouver la ligne ... du mois d'origine de la facture ... `Vider « Prochaine relance » si statut devient payée`.
Review anomalies and uncertain matches, and keep human-edited payment or reminder decisions authoritative.