中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 15/100
Last scan:19 hr ago Rescan
15 /100
ai-intelligent-expense-management
企业费用管理,报销 + 控制 + 分析
Skill consists only of documentation (SKILL.md, skill.json) with no implementation code to analyze; installation instructions use standard git clone + pip install which is typical for deployment tools.
Skill Nameai-intelligent-expense-management
Duration47.0s
Enginepi
Safe to install
No immediate security concern since no code exists; if code is added later, ensure it does not exfiltrate data or access credentials.

Findings 2 items

Severity Finding Location
Low
No allowed-tools declaration Doc Mismatch
SKILL.md does not declare allowed-tools mapping, though this is not critical since no executable code exists in this skill.
---
→ If code is added in future, explicitly declare allowed-tools per the pi skill specification.
 SKILL.md:1
Info
Installation references external repository Supply Chain
The installation instructions clone from github.com/openclaw-skills/ai-intelligent-expense-management and pip install requirements.txt. This is standard deployment practice but requires trust in external repository.
git clone https://github.com/openclaw-skills/ai-intelligent-expense-management
→ Verify the external repository contents before cloning if concerned about supply chain.
 SKILL.md:22
ResourceDeclaredInferredStatusEvidence
Filesystem NONE NONE No code present to verify
Network NONE NONE No code present to verify
Shell NONE NONE No code present to verify
Environment NONE NONE No code present to verify

File Tree

2 files · 1.3 KB · 62 lines
Markdown 1f · 51L JSON 1f · 11L
├─ 📋 skill.json JSON 11L · 318 B
└─ 📝 SKILL.md Markdown 51L · 991 B

Security Positives

✓ No malicious code present - skill is documentation-only
✓ No credential harvesting detected
✓ No network exfiltration observed
✓ No obfuscation or base64-encoded payloads
✓ No suspicious file paths accessed (no code to access anything)