Heath Ledger
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill’s bookkeeping purpose is coherent, but it stores bank and Stripe API keys locally in plaintext while the registry declares no credential requirement.
Review before installing. The skill appears aimed at legitimate bookkeeping, but it handles very sensitive bank and Stripe data. Use restricted read-only API keys where possible, protect or encrypt the local `data/heath.db` database, rotate keys after testing, and manually review AI-created categories before relying on generated financial statements.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can read the skill’s local database may be able to use saved bank API credentials to access transaction data.
The skill stores the Mercury API token in the local database as an access_token. This is expected for a bank integration, but it is high-impact credential persistence, and the registry metadata declares no primary credential or required env vars.
```js
db.prepare('INSERT INTO connections (entity_id, provider, access_token) VALUES (?, ?, ?) RETURNING id').get(entityId, 'mercury', token);
```
Only use a least-privilege/read-only Mercury token, store the skill directory securely, rotate tokens after testing, and prefer credential storage that is encrypted or clearly documented.
A leaked local database could expose Stripe financial data access for the connected business.
The optional Stripe API key is also persisted as an access_token. Stripe keys can expose sensitive revenue, fee, refund, and balance data, and the artifacts do not show encryption, token scoping guidance, or cleanup guidance.
```js
db.prepare('UPDATE connections SET access_token = ?, updated_at = datetime(\'now\') WHERE id = ?').run(apiKey, existing.id);
```
Use a restricted Stripe key with the minimum read permissions needed, avoid production write-capable keys, and revoke or rotate the key if the local database may have been exposed.
Sensitive bank transaction details may be exposed to the AI model used for categorization.
When rules do not match, the script prepares transaction details, including counterparty, bank description, amount, and type, for AI categorization.
```js
transactions: needsAi
```
Review which model/provider will process the transaction prompt, avoid sending unnecessary sensitive descriptions, and manually review AI categorizations before relying on generated books.
A wrong but confident AI categorization can become a future rule and affect later financial statements.
High-confidence AI results create or update persistent categorization rules for future transactions.
```js
insertRule.run(entityId, tx.counterparty_name || norm, norm, r.category, r.subcategory || null, r.confidence);
```
Review newly created AI rules periodically, especially before generating final books or sharing statements.
Installing and using the skill means running local code that reads and writes a bookkeeping database and Excel files.
The skill is instruction-driven but relies on local Node/bash scripts for normal operation.
All scripts are in `scripts/`. Run with bash or node. Database is SQLite at `data/heath.db`.
Run it in a trusted workspace, inspect the local files it creates, and keep the database and generated workbooks private.
