v1.0.0

Recognizes 5,300 bank statement formats, as well as simplified, detailed, and enterprise credit reports and other credit documents, and consolidates them into a professional analysis report.

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:15 AM.

Analysis

This skill matches its stated credit-file analysis purpose, but it sends highly sensitive credit/bank documents and optional PDF passwords to an external provider using a hardcoded service key.

Guidance: Review this carefully before installing. It is not showing malicious behavior, but it handles very sensitive financial documents through a third-party API and a hardcoded service credential. Use only if you trust the provider and the publisher, can share the documents legally, and can provide short-lived or otherwise controlled document links.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
- Requires a Python 3.7+ environment
- Requires the `requests` library (`pip install requests`)

The skill depends on local Python and an unpinned third-party package install, but the registry has no install spec or required binary declarations. This is expected for the included script, but users should notice the local dependency.

User impact: You may need to install and run local Python dependencies before using the skill.
Recommendation: Pin dependency versions and declare runtime/package requirements in the registry or install spec.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
scripts/analyze.py
ENTERPRISE_KEY = "26b22ed9a21c42ec89b07b6299cdceb5" ... payload = {"enterpriseKey": ENTERPRISE_KEY, "dateTime": now_text()}

A provider enterprise key is hardcoded and used to obtain a token, even though the registry declares no primary credential. This makes the account/permission boundary unclear for users.

User impact: Your documents may be processed under the skill publisher's or another shared provider account, and you cannot easily verify its scope or controls from the artifacts.
Recommendation: The skill should declare its credential model and ideally require a user-owned or properly scoped credential instead of embedding a shared enterprise key.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: High | Confidence: High | Status: Concern
scripts/analyze.py
"filePackage": file_url ... if password: payload["passWord"] = password ... data = post("enterpriseApi/fileUpload", payload, token=token)

The script sends the user-supplied document URL and optional PDF password to an external provider API. Because the files are credit reports or bank statements, this is highly sensitive data handling and the artifacts do not define retention, access controls, or privacy boundaries.

User impact: Your credit report, bank statement, and possibly document password may be processed by a third-party service through a public link.
Recommendation: Only use this with documents you are allowed to share with the provider, prefer short-lived restricted links if possible, and verify the provider's privacy and retention practices before submitting sensitive files.