Rapprochement Bancaire

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This accounting reconciliation skill appears purpose-aligned overall, but it under-discloses file writes and persistent state that could affect sensitive bookkeeping records.

Review this before installing. It may be useful for reconciliation work, but confirm exactly which files it can create or modify, whether it asks before changing followup.md or financial records, and how any persistent state is stored, cleared, and audited.

SkillSpector (4)

By NVIDIA

Lp3

Severity
Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to execute a shell command and to read/write accounting artifacts (`rapprochement.json`, batch reports), yet it declares no permissions. This creates a capability/permission mismatch that can bypass expected trust boundaries, making it harder for reviewers and runtime policy to understand or constrain file-system and command execution behavior.

Description-Behavior Mismatch

Severity
Medium
Confidence
91% confidence
Finding
The reference instructs the skill to write monthly CSVs and modify `followup.md`, which materially exceeds the declared contract of maintaining a single `rapprochement.json` per client. This creates hidden side effects, increases the writable surface, and can overwrite or mutate business records the user did not authorize under the published skill scope.

Description-Behavior Mismatch

Severity
Medium
Confidence
89% confidence
Finding
The documented use of `rapprochement-state.json` introduces an undeclared persistent state file beyond the promised single output. Undeclared state can retain sensitive bookkeeping metadata, affect future runs in non-obvious ways, and make auditability and rollback harder for users who rely on the manifest as the trust boundary.

Missing User Warnings

Severity
Medium
Confidence
87% confidence
Finding
Automatic updates to `followup.md`, CSV outputs, and related state without explicit warning or confirmation can silently alter accounting workflow artifacts. In this context, those files may drive collections, payment status, and audit trails, so unannounced writes can cause operational errors and reduce user control over sensitive financial records.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.