Financial Analytics Pro Security Report — Trusted | ClawSafe

5 /100

Financial Analytics Pro

Premium financial analysis tool for business intelligence, financial statement analysis, ratio calculations, forecasting, and visualization

This is a legitimate financial analysis tool that performs standard CSV/Excel data analysis, ratio calculations, forecasting, and visualization with no malicious behavior detected.

Skill NameFinancial Analytics Pro

Duration35.1s

Enginepi

✓

Safe to install

No action required. The skill is safe to use as it contains only standard financial analysis code with no security risks.

Findings 1 items

Severity	Finding	Location
Low	Documentation exceeds implementation Doc Mismatch SKILL.md describes banking API integrations (Plaid, Yodlee), e-commerce platform connectors, and accounting software that are not implemented in the actual code. This is likely incomplete development rather than malicious intent. `Bank API Connections: Connect to Plaid, Yodlee, or direct bank APIs` → Complete the promised integrations or remove them from documentation	`SKILL.md:35`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	Uses pandas to read CSV/Excel files
Network	`NONE`	`NONE`	—	No network requests in code
Shell	`NONE`	`NONE`	—	No subprocess or shell execution
Environment	`NONE`	`NONE`	—	No os.environ access for credential harvesting
Database	`NONE`	`NONE`	—	No database access

File Tree

4 files · 27.7 KB · 785 lines

Markdown 2f · 487L Python 1f · 286L CSV 1f · 12L

├─ ▾ 📁 examples

│ └─ 📄 sample_financials.csv CSV 12L · 836 B

├─ ▾ 📁 references

│ └─ 📝 financial_ratios_cheat_sheet.md Markdown 221L · 5.1 KB

├─ ▾ 📁 scripts

│ └─ 🐍 financial_analyzer.py Python 286L · 11.2 KB

└─ 📝 SKILL.md Markdown 266L · 10.5 KB

Dependencies 4 items

Package	Version	Source	Known Vulns	Notes
`pandas`	`*`	pip	No	Standard data analysis library
`numpy`	`*`	pip	No	Numerical computing
`matplotlib`	`*`	pip	No	Visualization library
`seaborn`	`*`	pip	No	Statistical visualization

Security Positives

✓ No credential harvesting or environment variable access

✓ No network requests or data exfiltration

✓ No shell execution or subprocess calls

✓ No obfuscated code or base64-encoded commands

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)

✓ No reverse shell or C2 communication patterns

✓ Standard financial calculations using well-known libraries (pandas, numpy)

✓ File operations limited to reading CSV/Excel and saving to user-specified locations

✓ No malicious dependencies or supply chain risks

Scan Report

Findings 1 items

File Tree

Dependencies 4 items

Security Positives