subscription-manager-pro Security Report — Trusted | ClawSafe

0 /100

subscription-manager-pro

Track all your subscriptions, get alerts before renewals, identify forgotten services, and calculate total spend

A straightforward subscription tracking tool with clean, transparent code using only Python standard library—no network access, no shell execution, no credential access, and all functionality properly documented.

Skill Namesubscription-manager-pro

Duration27.2s

Enginepi

✓

Safe to install

This skill is safe to use. No security concerns identified.

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	SKILL.md line 85-91 declares local JSON storage in ~/.openclaw/workspace/
Network	`NONE`	`NONE`	—	No network modules (requests, urllib, http) imported or used in scripts/manager.…
Shell	`NONE`	`NONE`	—	No subprocess, os.system, or shell execution in codebase
Environment	`NONE`	`NONE`	—	No os.environ access for credential harvesting
Skill Invoke	`NONE`	`NONE`	—	CLI tool only, no skill invocation
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser automation
Database	`NONE`	`NONE`	—	Uses local JSON files, not a database

5 findings

🔗

Medium External URL 外部 URL

https://img.shields.io/badge/ClawHub-Install-blue

README.md:5

🔗

Medium External URL 外部 URL

https://clawhub.ai/subscription-manager-pro

README.md:5

🔗

Medium External URL 外部 URL

https://img.shields.io/badge/License-MIT-green.svg

README.md:6

🔗

Medium External URL 外部 URL

https://netflix.com/cancelplan

README.md:127

🔗

Medium External URL 外部 URL

https://clawhub.ai/about/guidelines

README.md:149

File Tree

4 files · 30.2 KB · 965 lines

Python 1f · 550L Markdown 2f · 375L JSON 1f · 40L

├─ ▾ 📁 scripts

│ └─ 🐍 manager.py Python 550L · 20.4 KB

├─ 📋 claw.json JSON 40L · 983 B

├─ 📝 README.md Markdown 157L · 3.7 KB

└─ 📝 SKILL.md Markdown 218L · 5.1 KB

Security Positives

✓ Uses only Python standard library (json, os, pathlib, argparse, datetime) - no external dependencies

✓ All data stored locally in ~/.openclaw/workspace/subscription-manager-pro/data/ - never leaves the machine

✓ No network requests or external communications (no requests/urllib/http modules)

✓ No shell execution or subprocess calls

✓ No credential harvesting (no access to ~/.ssh, ~/.aws, .env, or os.environ for sensitive data)

✓ Clean, readable code with no obfuscation (no base64, eval, or anti-analysis techniques)

✓ SKILL.md accurately documents all functionality - doc-to-code alignment is excellent

✓ No hidden functionality - all operations are subscription management CRUD operations

✓ CSV/JSON export saves to local data directory only

✓ MIT licensed, open-source repository

Scan Report

File Tree

Security Positives