← Back to Skills Marketplace
Firm Fintech Pack
by
romainsantoli-web
· GitHub ↗
· v1.0.0
414
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install firm-fintech-pack
Description
Curated skill bundle for fintech startups, neobanks, payment processors and wealth-management platforms. Activates the firm pyramid with Finance, Legal, Engi...
README (SKILL.md)
firm-fintech-pack
Sector bundle for fintech & financial services environments.
Activated departments
| Department | Services activated | Focus |
|---|---|---|
| Finance | FP&A · Pricing Strategy · Unit Economics · Billing | P&L, CAC/LTV, pricing models |
| Legal | Contracting · Privacy/Data · IP & Compliance | PSD2, MiCA, AML, KYC |
| Engineering | Backend · Data Engineering · AI Engineering · Integration | Core banking, APIs, ML models |
| Quality | Security · Compliance Auditing · Performance | Pen testing, SOC 2, load tests |
| Strategy | Architecture · Product Discovery · Roadmap | Product strategy, OKRs |
| Operations | SRE/Incident · DevOps | 99.99% uptime, incident response |
Recommended ClawHub skills to install alongside
npx clawhub@latest install biz-reporter # Financial KPI reporting
npx clawhub@latest install arc-security-audit # SOC 2 / PCI-DSS audit
npx clawhub@latest install agent-audit-trail # Tamper-evident transaction logs
npx clawhub@latest install arc-trust-verifier # Counterparty verification
npx clawhub@latest install firm-orchestration # A2A orchestration backbone
npx clawhub@latest install firm-delivery-export # Output → report / ticket
Firm configuration overlay
{
"agent": {
"model": "anthropic/claude-opus-4-6",
"workspace": "~/.openclaw/workspace/fintech-firm"
},
"agents": {
"defaults": {
"sandbox": { "mode": "non-main" }
}
}
}
Prompt: AML suspicious activity review
Use firm-orchestration with:
objective: "Review 23 flagged transactions from automated AML screening — Feb 28 batch"
departments: ["legal", "finance", "quality"]
constraints: ["anonymize customer IDs in output", "FATF Rec. 20 reference", "read-only"]
definition_of_done: "SAR filing decisions per transaction with rationale"
delivery_format: "structured_document"
Prompt: pricing model update
Use firm-orchestration with:
objective: "Redesign subscription tier pricing for B2B API product targeting SMBs"
departments: ["finance", "commercial", "strategy"]
constraints: ["current ARPU: €340/mo", "churn target \x3C 3%", "competitor floor: €199/mo"]
definition_of_done: "3-tier pricing proposal with margin analysis and migration plan"
delivery_format: "project_brief"
Regulatory coverage
| Regulation | Department | Service |
|---|---|---|
| PSD2 / Open Banking | Legal · Engineering | Compliance + Integration |
| MiCA (crypto) | Legal · Finance | IP & Compliance + FP&A |
| GDPR / ePrivacy | Legal | Privacy/Data Protection |
| AML 6AMLD | Legal · Quality | Contracting + Security |
| PCI-DSS | Quality · Engineering | Security · Backend |
| SOC 2 Type II | Quality · Operations | Compliance + DevOps |
| Basel III (credit) | Finance | Unit Economics & Reporting |
Security notes
- Financial data is tier-1 sensitive:
SECURE_PRODUCTION_MODE=truemandatory AUDIT_ENABLED=truewith immutable JSONL audit trailREAD_ONLY_MODE=truefor all regulatory review workflows- Sandbox all non-main sessions:
sandbox.mode: "non-main"
💎 Support
Si ce skill vous est utile, vous pouvez soutenir le développement :
Dogecoin : DQBggqFNWsRNTPb6kkiwppnMo1Hm8edfWq
Usage Guidance
This skill is an instruction-only 'firm pack' that mostly provides prompts and recommended companion installs. Before installing or enabling it: 1) Verify the source/author — there is no homepage and the owner ID is unfamiliar. 2) Inspect any companion packages before running the suggested npx clawhub install commands. 3) Confirm what 'firm-orchestration' and the suggested companion skills do (they may require sensitive credentials). 4) Don’t assume the listed env flags (SECURE_PRODUCTION_MODE, AUDIT_ENABLED, READ_ONLY_MODE) are enforced — the skill declares them but does not require them; enforce these at your environment/config level if needed. 5) Be cautious because the skill metadata requests session tools (sessions_spawn/send/history) that allow spawning and transmitting sessions — avoid enabling autonomous invocation on production agents until you audit the orchestration skill's behavior. If you can, ask the publisher for: an explicit list of required env vars/config paths, the exact behavior of firm-orchestration, and a code/homepage link so you can review the companion skills before use.
Capability Analysis
Type: OpenClaw Skill
Name: firm-fintech-pack
Version: 1.0.0
The skill bundle appears benign. The `SKILL.md` file primarily provides documentation, configuration examples, and security recommendations for the user and the agent's operation. It explicitly promotes secure practices such as `sandbox.mode: "non-main"`, `READ_ONLY_MODE=true`, and `AUDIT_ENABLED=true`. There are no instructions for the agent to perform unauthorized actions, exfiltrate data, or execute arbitrary commands. The `npx clawhub@latest install` commands are presented as recommendations for the human operator, not as instructions for the AI agent to execute.
Capability Assessment
Purpose & Capability
The README-like SKILL.md describes a fintech 'firm' bundle and mostly contains prompts, recommended companion installs, and a workspace overlay — that matches the advertised purpose. However, it urges production/security settings and workspace paths (~/.openclaw/workspace/fintech-firm) without declaring any required config or credentials, which is an inconsistency between stated purpose and declared requirements.
Instruction Scope
The instructions include operational directives beyond simple prompts: they insist on environment flags (SECURE_PRODUCTION_MODE, AUDIT_ENABLED, READ_ONLY_MODE), audit/immutable JSONL trails, and a specific workspace path. These variables and paths are not listed in requires.env or required config paths. The SKILL also instructs using 'firm-orchestration' and recommends running npx clawhub installs for other skills — which will change the agent environment. This expands runtime scope beyond what's explicitly declared.
Install Mechanism
There is no install spec and no code files (lowest install risk). The SKILL.md recommends using npx clawhub@latest to install companion skills; those commands would install third-party packages at the time you run them. Because installation is left to the user and not performed automatically, risk is limited but you should inspect/verify any packages before running npx.
Credentials
The skill declares no required environment variables or credentials, yet the instructions mandate security-related env flags and an immutable audit trail. For a bundle that claims to enable integrations (PSD2, PCI-DSS, etc.), it also doesn't request any integration credentials — which is plausible if this is just a prompt bundle, but the presence of mandatory security flags that are not declared is disproportionate and confusing. This mismatch could lead to accidental misconfiguration or unmet security expectations.
Persistence & Privilege
always is false and there is no install — good. The SKILL metadata lists tools sessions_send, sessions_spawn, sessions_history which enable spawning sessions and sending/history access; those are powerful capabilities for an orchestration-style skill because they can create or transmit session content. This is not automatically malicious, but combined with the other inconsistencies it increases the potential blast radius and should be reviewed before enabling autonomous invocations.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install firm-fintech-pack - After installation, invoke the skill by name or use
/firm-fintech-pack - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
firm-fintech-pack 1.0.0
- Initial release of a curated skill bundle for fintech startups, neobanks, payment processors, and wealth-management platforms.
- Pre-configured firm pyramid with Finance, Legal, Engineering, and Compliance agents for AML/KYC, financial modelling, regulatory reporting, and payment infrastructure workflows.
- Detailed guides for department activations and common workflow prompts (AML review, pricing model update).
- Primary coverage of key regulations: PSD2, MiCA, GDPR, AML, PCI-DSS, SOC 2, Basel III.
- Security best practices recommended: production mode enforcement, audit logging, read-only regulatory reviews, and session sandboxing.
- Integration and extension recommendations with popular ClawHub skills for reporting, audit, verification, and orchestration.
Metadata
Frequently Asked Questions
What is Firm Fintech Pack?
Curated skill bundle for fintech startups, neobanks, payment processors and wealth-management platforms. Activates the firm pyramid with Finance, Legal, Engi... It is an AI Agent Skill for Claude Code / OpenClaw, with 414 downloads so far.
How do I install Firm Fintech Pack?
Run "/install firm-fintech-pack" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Firm Fintech Pack free?
Yes, Firm Fintech Pack is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Firm Fintech Pack support?
Firm Fintech Pack is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Firm Fintech Pack?
It is built and maintained by romainsantoli-web (@romainsantoli-web); the current version is v1.0.0.
More Skills