QuickBooks for Beginners | Accounting skills
WarnAudited by ClawScan on May 18, 2026.
Overview
This is a high-impact CreditClaw payment/spending skill that appears mislabeled as a QuickBooks/accounting skill and includes card-decryption and purchasing flows.
Treat this as a payment-wallet skill, not a QuickBooks/accounting skill. Install only if you intend to let an agent manage CreditClaw spending, keep approval required for purchases, verify all remote companion files and delivered decrypt scripts, and protect the API key and local spending/card files.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user looking for an accounting/QuickBooks skill could accidentally grant an agent payment authority.
The user-facing name and slug suggest a QuickBooks/accounting skill, while the description and package contents are for agent shopping and payments. That mismatch could cause a user to trust or install the skill under the wrong expectation.
Name: QuickBooks for Beginners | Accounting skills ... Slug: qb ... Description: Let your agent shop online with guardrailed wallets, multiple payment methods, and owner approval.
Only install if you intentionally want CreditClaw payment-wallet functionality; the listing name should be corrected to match the financial-spending purpose.
If the delivered script or card file is tampered with, the agent could expose or misuse payment-card data.
The skill instructs an agent to run a later-delivered script that was not included in the reviewed package and that handles full real-world card details.
The sub-agent runs the deterministic decrypt script that was delivered with the card file: ... node decrypt.js <key_hex> <iv_hex> <tag_hex> Card-ChaseD-9547.md ... This outputs the card JSON (number, CVV, expiry, name, billing address).
Do not run the encrypted-card flow unless you trust the provider and can verify the delivered decrypt script; keep owner approval required and avoid logging decrypted card data.
Anyone or any agent with the API key may be able to operate the CreditClaw wallet within its configured limits.
The required CREDITCLAW_API_KEY is a high-impact financial credential, even though its use is disclosed and aligned with the CreditClaw payment purpose.
Your API key is your identity. Leaking it means someone else can spend your owner's money.
Store the key securely, send it only to creditclaw.com, use low spending limits, and revoke or rotate it if it may have been exposed.
The agent may be able to place real orders and provide shipping details when guardrails allow it.
The skill documents endpoints that let an agent initiate real merchant orders. This is purpose-aligned for a shopping wallet, but it is financially high impact.
When you submit a purchase request, CreditClaw routes the order through Crossmint and places a real order with the merchant.
Keep approval mode set to ask-for-everything until you are comfortable, and review merchant, item, amount, and shipping details before purchase.
A user may rely on additional remote instructions for payment signing that were not reviewed here.
The package references a Stripe/x402 wallet guide that was not present in the provided file manifest, leaving part of a payment-signing rail outside this review.
"STRIPE-X402-WALLET.md": "https://creditclaw.com/creditcard/stripe-x402-wallet.md"
Review any remote companion files before using that rail, especially files that describe signing or spending funds.
If someone edits this file, they could influence future spending decisions.
A persistent local markdown file controls purchase behavior and includes free-form instructions that the agent is told to follow.
Your bot reads this file before every purchase to decide whether to proceed, ask for approval, or decline. ... Your bot will read and follow these.
Protect the spending configuration file from untrusted edits and verify it before allowing purchases.