Skill v1.0.0

ClawScan security

Openclaw Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 7, 2026, 10:28 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's manifest, instructions, and required resources are coherent with a local CLI-based personal finance tool; nothing requested is disproportionate to its stated purpose.
Guidance
This skill appears internally consistent for a local CLI-based finance tool, but it is instruction-only and points you to an external npm package and GitHub repository (no code shipped in the registry). Before installing or running the CLI: 1) verify the npm package name and maintainer and review the GitHub repo source and recent activity; 2) avoid blind global installs — prefer inspecting code first or installing in an isolated environment/container; 3) consider setting CFO_DATA_DIR to a controlled directory and back up/export your financial data; 4) check the package for any network calls or telemetry and whether it stores or transmits data off your machine; 5) ensure Node.js >=18 is acceptable for your environment. If you cannot review the external code, treat the install as higher risk.

Review Dimensions

Purpose & Capability
Status: ok. Name/description match the documented commands and features (transaction tracking, budgets, reports). The skill declares local JSON storage and a Node.js/TypeScript runtime, and does not request unrelated credentials or system access.
Instruction Scope
Status: note. SKILL.md instructs the agent to run a CLI (cfo) that reads/writes files under ~/openclaw-personal-cfo/data (or CFO_DATA_DIR). This file I/O is consistent with a finance tracker, but the instructions also recommend installing a third-party npm package or cloning a GitHub repo. The registry entry itself contains no install artifact or code, so the runtime behavior depends on that external package.
Install Mechanism
Status: note. The skill is instruction-only with no install spec in the registry. The README recommends 'npm install -g openclaw-personal-cfo' or cloning a GitHub repo (https://github.com/ZhenRobotics/openclaw-personal-cfo.git). Both are common distribution methods (npm/GitHub), but the registry provides no integrity or provenance metadata; users should verify the package/repo before installing.
Credentials
Status: ok. No required environment variables or credentials are declared. An optional CFO_DATA_DIR env var is documented to change the data directory; this is reasonable and proportional for a local storage tool.
Persistence & Privilege
Status: ok. The skill is not forced-always, is user-invocable, and does not request system-wide privileges or modify other skills. Data is stored under its own directory, which is expected for this purpose.