Skill v1.0.0
ClawScan security
ClawMart Auto Invoice · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 10:42 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are internally consistent with an invoice-generation assistant and do not request unrelated credentials or install arbitrary code.
- Guidance: This skill appears to be an instruction-only invoice generator and is internally consistent, but verify operational details before use: 1) Confirm where 'local storage' will write generated PDFs (path and access permissions) and whether those files are encrypted or shared. 2) Be cautious with sensitive data (bank account numbers, tax IDs) — only provide what’s necessary and verify retention policy. 3) The SKILL.md mentions a model (GLM-5) and runtimes (Node.js/Python) but provides no implementation; if the publisher later supplies code or an installer, inspect it for network calls or credentials. 4) If you plan to integrate this skill into systems that hold financial data, request an explicit implementation/source and audit how data is stored and transmitted.
Review Dimensions
- Purpose & Capability (ok): Name/description (auto PDF invoices, templates, client management, reports) match the SKILL.md content. There are no declared env vars, binaries, or config paths that would be unexpected for this purpose.
- Instruction Scope (note): SKILL.md is an instruction-only spec showing invoice templates, example outputs, and required company info. It does not instruct the agent to read system files, environment variables, or to send data to arbitrary external endpoints. Minor ambiguity: it mentions '本地存储' (local storage) and a tech stack (Node.js/Python, GLM-5) without specifying where data is stored or whether an external model/service is invoked.
- Install Mechanism (ok): No install spec and no code files are present, so nothing will be written to disk by the skill itself. This is the lowest-risk install posture for an instruction-only skill.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths. That aligns with a purely instructional template for generating invoices.
- Persistence & Privilege (ok): The skill is not marked always:true and makes no requests to change agent-wide settings. Autonomous invocation is allowed (platform default) but not combined with broad privileges.
