家庭消费意图识别 V4
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Before installing, understand that expenses, income, budgets, savings goals, subscriptions, and family member data will be saved locally under ~/.openclaw/skills-data/family-expense-intent. Confirm any command that changes records, use it only on a trusted device, and consider verifying the package source because the registry lists the source as unknown. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You have less assurance about where the code originated, although the provided artifacts do not show suspicious install behavior.
The registry metadata gives only a generic homepage and an unknown source, so users have less provenance context for the included Python helper. No remote installer or hidden dependency is shown.
Source: unknown; Homepage: https://github.com/openclaw/skills
Install only from a trusted registry or verified package source, and review the included code if provenance matters.
If run unintentionally, the skill could create inaccurate household finance records or recurring entries.
The documented CLI commands can add or update local income, subscription, recurring, and budget records. This is expected for a finance tracker, but it changes persistent records.
python3 expense_tracker.py add-income member_1 5000 "工资" ... add-subscription ... process-recurring ... set-budget
Confirm record-changing commands before execution and periodically review the stored records.
Anyone or any tool with access to this OpenClaw data directory may be able to read household financial history entered into the skill.
The skill persistently stores household profiles, expenses, income, budgets, goals, and subscriptions. This is disclosed and purpose-aligned, but it is sensitive financial memory.
~/.openclaw/skills-data/family-expense-intent/ ... profiles.json ... conversations.json ... income.json ... budgets.json ... goals.json ... subscriptions.json
Use it on a trusted device, avoid entering unnecessary sensitive details, and delete or back up the data directory when appropriate.