Finance Statements
v1.0.1Track financial statements (bank, credit card, insurance, CanadaLife, etc.) in memory tracking files. Use when: (1) user provides a new statement (PDF text,...
⭐ 0· 367·0 current·0 all-time
byWilliam@winlinvip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill name/description describe tracking financial statements and the SKILL.md only asks to list/read/create/append files under memory/finance/, which is coherent. No unrelated credentials, binaries, or external endpoints are requested.
Instruction Scope
Instructions explicitly require scanning, reading, and appending files in memory/finance/, parsing user-provided statement text (including page-by-page append), and validating arithmetic. This stays within the declared scope but does result in persistent storage of highly sensitive financial content (file paths, transactions, balances). The skill also records the user's provided source filename/path which could reveal local metadata.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install footprint (nothing is downloaded or written by an installer).
Credentials
No environment variables or external credentials are requested. The only requested capability is RW access to memory/finance/ (declared). This is proportionate to the task but gives the skill the ability to persist sensitive PII/financial data.
Persistence & Privilege
The skill is not always-enabled and uses normal autonomous-invocation defaults. It will write persistent data to memory/finance/ (its declared scope). Because the agent can be invoked and then write/append sensitive statements, you should be aware it can modify your stored financial memory when run.
Assessment
This skill appears internally consistent, but it stores sensitive financial information in the agent's memory files at memory/finance/. Before installing: 1) Only install if you trust the skill source. 2) Confirm you are comfortable with the agent saving transaction-level financial data and filenames in memory/finance/. 3) Consider limiting access (use test data first), enabling confirmations before writes, or disabling autonomous invocation if you want manual review before any changes. 4) Ensure backups, audit/logging, or encryption of stored files if they contain real PII. 5) Review any created or modified files after the first run to verify formatting and that no unintended data was recorded. If you need network export or third-party integrations, verify those are explicit in the skill (this skill shows none).Like a lobster shell, security has layers — review code before you run it.
latestvk97bnms9ha8r48s3t07w3y6xgd821t9y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.