家庭消费意图识别 V4
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: family-expense-intent Version: 4.0.0 The OpenClaw skill 'family-expense-intent' is a local financial management tool. It stores all data in the designated `~/.openclaw/skills-data/family-expense-intent/` directory. The `SKILL.md` documentation provides clear instructions for using the skill's features without any evidence of prompt injection attempts against the AI agent. The `expense_tracker.py` script performs local file operations and data processing. Crucially, the `compare_product` function, which could potentially involve external network calls for price comparison, is explicitly implemented as a simulation returning hardcoded data, thus posing no current network or external execution risk. There are no indications of data exfiltration, persistence mechanisms, or arbitrary command execution.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You have less assurance about where the code originated, although the provided artifacts do not show suspicious install behavior.
The registry metadata gives only a generic homepage and an unknown source, so users have less provenance context for the included Python helper. No remote installer or hidden dependency is shown.
Source: unknown; Homepage: https://github.com/openclaw/skills
Install only from a trusted registry or verified package source, and review the included code if provenance matters.
If run unintentionally, the skill could create inaccurate household finance records or recurring entries.
The documented CLI commands can add or update local income, subscription, recurring, and budget records. This is expected for a finance tracker, but it changes persistent records.
python3 expense_tracker.py add-income member_1 5000 "工资" ... add-subscription ... process-recurring ... set-budget
Confirm record-changing commands before execution and periodically review the stored records.
Anyone or any tool with access to this OpenClaw data directory may be able to read household financial history entered into the skill.
The skill persistently stores household profiles, expenses, income, budgets, goals, and subscriptions. This is disclosed and purpose-aligned, but it is sensitive financial memory.
~/.openclaw/skills-data/family-expense-intent/ ... profiles.json ... conversations.json ... income.json ... budgets.json ... goals.json ... subscriptions.json
Use it on a trusted device, avoid entering unnecessary sensitive details, and delete or back up the data directory when appropriate.