Skill v1.0.2
ClawScan security
QuickTaxReturn — AI Tax Preparation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 7:21 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are coherent with a federal tax‑preparation assistant: it collects taxpayer PII, uses internal tax rules, escalates complex cases to a named CPA partner, and does not request unrelated system access or credentials.
- Guidance: This skill appears to be what it says: a federal tax interview and calculator that prepares an intake package for a CPA. Before installing or using it, remember: (1) it collects highly sensitive PII (SSNs, DOBs, prior AGI, etc.) — only proceed if you trust the environment where the agent runs and are willing to provide that info; (2) the skill claims data stays on your device and the intake package is presented to you to deliver to the CPA, but confirm the agent implementation will not transmit your PII to external services without explicit consent; (3) the skill is configured to refer to a single CPA partner (contact, booking link, tracking params) — expect a commercial referral; (4) if you plan to hand off data to the CPA, verify contact info and whether you want the agent to share the intake package (explicitly instruct the agent to send it only with your permission). If you need higher assurance, ask the skill publisher for a privacy statement or audit of how handoffs are handled.
Review Dimensions
- Purpose & Capability (ok): Name/description (federal tax prep) match the skill contents: triage, calculations, tax rules, intake template, and CPA handoff. There are no unrelated environment variables, binaries, or install steps required.
- Instruction Scope (note): Runtime instructions focus on interview, calculations, and producing an intake package for CPA handoff; they instruct collecting sensitive PII (SSNs, DOBs, prior AGI) which is appropriate for tax prep. The skill explicitly states data stays on the user's device and instructs the agent to present the intake package to the user to bring to the CPA rather than automatically transmitting it. This is appropriate, but the wording could permit ambiguity if an agent runtime were configured to forward data without explicit user consent.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files to execute. Lowest install risk — nothing is downloaded or installed by the skill.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths. It handles highly sensitive user data (SSNs, tax details) but does not request unrelated secrets or system access.
- Persistence & Privilege (ok): always:false and no special persistence or system-wide modifications. The skill can be invoked normally; it does not request elevated privileges or automatic always‑on inclusion.
