Ride Receipts
Pass
Audited by ClawScan on May 1, 2026.
Overview
This skill is coherent and transparent, but it handles sensitive Gmail ride receipts, locations, and payment details that will be stored locally and sent to the selected Gateway-backed model.
Before installing, confirm you are comfortable granting the agent access to the selected Gmail account's ride receipts and sending raw receipt content to your Gateway-backed model. Use a narrow date range when possible, keep the output directory private, and avoid sharing the generated database or CSV without reviewing the fields.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can fetch ride receipt emails from the selected Gmail account, revealing travel, spending, and account information within the chosen scope.
The skill relies on an already-authenticated Gmail CLI account and enumerates configured accounts before fetching receipts, which is sensitive account access but directly tied to the stated Gmail receipt purpose.
Require `gog` CLI authenticated for the target Gmail account. Always run `gog auth list` before fetching...
Confirm the Gmail account and date range carefully, and only run this with a gog profile you trust the agent to use for receipt access.
Receipt contents may be processed by the active Gateway-backed model, so any non-local or misconfigured Gateway could expose sensitive trip details.
Raw email JSON/HTML is sent to the configured OpenClaw Gateway /v1/responses endpoint with a bearer token for extraction. The code defaults to localhost/private hosts and refuses untrusted hosts unless overridden.
prompt = SYSTEM_PROMPT + "\n\nEmail JSON:\n" + json.dumps(email_obj, ensure_ascii=False) ... Request(f'{base_url}/v1/responses' ... 'Authorization': f'Bearer {token}'
Use a loopback or trusted private Gateway, avoid non-local Gateway URLs unless you explicitly accept the data flow, and protect the Gateway token.
Local files may contain travel routes, timestamps, amounts, payment details, and full receipt HTML that other local users, backups, or sync tools could access.
The workflow persistently stores raw fetched receipt emails locally, along with extracted ride records and a SQLite database.
`data/gateway-llm/emails.json` — fetched receipt emails in one JSON array; may include full HTML receipt content
Store the output in a protected location, avoid syncing it unintentionally, and delete emails.json when it is no longer needed.
A user might treat the CSV as safe to share even though it can still expose sensitive movement and spending patterns.
The export is labeled anonymized but still includes city-level locations, rounded times, months, and amounts, which can reveal travel patterns if shared.
description="Export anonymized rides CSV" ... "email_month", "start_time_15m", "amount", "pickup_city", "pickup_country", "dropoff_city", "dropoff_country"
Treat the export as de-identified rather than fully anonymous, and review the fields before sharing it.
