Skill v1.0.0
ClawScan security
Finance Analyst · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 5, 2026, 6:20 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill claims to be a full Python FA package with PDF parsing, OCR, valuation engines and an investor DB, but the published bundle contains only instructions and no code or install spec—this mismatch makes it non-functional as-is and raises risk if the agent attempts to fetch or install external code.
- Guidance: This skill's documentation describes a full Python package but the registry bundle contains only docs—no code or install script—so it will not work as-is. Before installing or running anything: (1) Inspect the GitHub homepage referenced to verify the repository actually contains the code and review it for unexpected network calls or credential usage. (2) Do not run 'pip install -e .' or install system OCR/PDF tools from an untrusted source on your primary machine—use an isolated VM or container. (3) Be cautious about uploading sensitive financial PDFs or confidential company data; the tool requests parsing of PDFs, which could be sent to external services if the implementation does so. (4) If you want only advisory conversation, use the text-based instructions rather than attempting to install unknown code. If you provide the repository URL or the missing package files, I can re-evaluate with higher confidence.
Review Dimensions
- Purpose & Capability (concern): The SKILL describes a full Python package (fa_advisor) with modules, PDF/OCR, an investor DB, and executable APIs. The registry bundle contains only documentation (SKILL.md, README, CHANGELOG) and no Python package or code files. Metadata mentions 'pip install -e .', but there is no install spec and no local package to install. Requiring only 'python3' is insufficient for the claimed capabilities.
- Instruction Scope (note): Instructions ask the agent to collect company financials and optionally parse user-supplied PDFs and scanned docs (OCR), and to generate reports and investor matches. Those actions are coherent with the skill's purpose, but the provided runtime examples assume the fa_advisor package exists locally or is installed. The docs also instruct adding an investor DB under fa_advisor/data; this implies filesystem writes and package installation that are not supported by the bundle. The instructions do not request unrelated system credentials.
- Install Mechanism (concern): No install spec is present in the registry bundle (lowest-risk in principle). However, SKILL.md metadata and the README recommend 'pip install -e .' and system packages (tesseract, poppler, ghostscript). Because no package files are included, following those install instructions would cause the agent or user to fetch and install code from outside sources (e.g., the GitHub homepage). This mismatch creates a risk if the agent attempts to execute remote installs from an unverified source.
- Credentials (ok): The skill declares no required environment variables, no credentials, and no protected config paths. That is proportionate to the current instruction-only bundle. Note: planned integrations with external data sources (Crunchbase, PitchBook) are listed in the changelog, but no API keys are requested here.
- Persistence & Privilege (ok): The always flag is false and the skill is user-invocable. The skill does not request persistent privileges or system-wide configuration changes in the provided files. The instructions imply installing a Python package and creating data files in a package directory, which would require write access if the user chooses to install it, but the bundle does not itself persist or modify system settings.
