Skillv0.1.0

ClawScan security

FA Advisor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 5, 2026, 5:04 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The FA Advisor skill appears to be what it claims — a Python-based financial-advisory package that requires only python3 and local installation — with no obvious requests for unrelated credentials or hidden exfiltration, though you should review and run it in a sandbox before granting it access to sensitive documents.
Guidance: This package is internally consistent with its stated purpose, but take these precautions before installing or using it: - Review the package code (fa_advisor/) for any network calls, hardcoded endpoints, or code that would transmit data (look for requests, urllib, socket, httpx, aiohttp). If you see unexplained outbound network activity, do not install. - Install and run in an isolated Python virtualenv or sandbox (or container) so any install-time code executes safely. Use pip install -e . only from the project directory if you trust the source. - Be cautious with the PDF/OCR features: they will read and process any PDF you hand them. Do not feed sensitive or non-redacted financial/legal documents unless you trust the environment and have reviewed the code handling them. - The project documents system dependencies (tesseract, poppler, ghostscript). Installing those grants the package more file/OS-level capability for OCR and PDF processing — install them only if needed. - Check requirements.txt/pyproject.toml for third-party dependencies and inspect them for known vulnerabilities if you plan production use. - If you need stronger assurance, run a network-monitoring or offline test (disconnect network) when first exercising the skill to confirm it behaves as expected. Minor note: the registry metadata said 'instruction-only' but SKILL.md contains an install instruction; that discrepancy is benign but worth noting before publish/install.

Review Dimensions

Purpose & Capability: okThe name/description (financial advisor: assessment, valuation, pitch deck, investor matching) aligns with the included files: a Python package with assessment, valuation, pitchdeck, matching modules, PDF parsing/OCR, and sample investor data. Required binaries (python3) and lack of credentials are appropriate for the stated purpose.
Instruction Scope: okSKILL.md asks the agent to gather project and financial information from the user and shows Python usage examples that operate on Project objects and PDF parsing. The instructions do not direct the agent to read unrelated system files, environment variables, or to send data to third-party endpoints. The skill does process PDFs and can read uploaded documents (expected given purpose) — treat those documents as potentially sensitive.
Install Mechanism: noteThe skill bundle contains a full Python package and SKILL.md metadata lists install: ["pip install -e ."], which is a local editable install of the included code — reasonable for this package. There is a minor inconsistency: the registry metadata reported 'No install spec — instruction-only skill' while SKILL.md contains an install instruction. Installing with pip will execute package installation code (eg. setup/build steps) from the bundle, which is expected but worth reviewing. No external download URLs or obscure installers were found.
Credentials: okNo environment variables, secrets, or external API keys are required by the skill. The project requires some system binaries (tesseract, poppler, ghostscript) for PDF/OCR functionality, which are documented in the README/QUICKSTART and are proportional to the PDF features.
Persistence & Privilege: okThe skill does not request always:true and does not declare modifications to other skills or system-wide settings. Installation via pip will add the package to the Python environment, which is normal. The skill can be invoked autonomously (model invocation not disabled) but that is the platform default and not by itself a red flag.