cfo-advisor 安全扫描报告 — 可信 | ClawSafe

0 /100

cfo-advisor

Financial leadership for startups and scaling companies. Financial modeling, unit economics, fundraising strategy, cash management, and board financial packages.

Pure documentation skill with no executable code or dangerous capabilities - references non-existent scripts but presents no security risk.

技能名称cfo-advisor

分析耗时31.7s

引擎pi

✓

可以安装

Skill is safe to use. Consider adding actual script implementations if the financial modeling tools are needed, or remove script references from documentation to avoid confusion.

安全发现 1 项

严重性	安全发现	位置
低危	Referenced scripts do not exist 文档欺骗 SKILL.md references Python scripts (burn_rate_calculator.py, unit_economics_analyzer.py, fundraising_model.py) and reference markdown files that are not present in the package. This is a documentation accuracy issue, not a security threat. `python-tools: burn_rate_calculator.py, unit_economics_analyzer.py, fundraising_model.py` → Either implement the referenced scripts or remove their references from the skill metadata	`SKILL.md:21`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file operations found
网络访问	`NONE`	`NONE`	—	No network calls found
命令执行	`NONE`	`NONE`	—	No shell commands found
环境变量	`NONE`	`NONE`	—	No env access found
技能调用	`NONE`	`NONE`	—	No skill invocation found
剪贴板	`NONE`	`NONE`	—	No clipboard access found
浏览器	`NONE`	`NONE`	—	No browser access found
数据库	`NONE`	`NONE`	—	No database access found

目录结构

1 文件 · 7.1 KB · 140 行

Markdown 1f · 140L

└─ 📝 SKILL.md Markdown 140L · 7.1 KB

安全亮点

✓ No executable code present - pure documentation skill

✓ No shell commands or subprocess calls

✓ No network requests or external IP communication

✓ No credential harvesting or sensitive data access

✓ No obfuscation techniques (base64, eval, etc.)

✓ No malicious dependencies

✓ No supply chain risks