← Back to Skills Marketplace
billjamno58

AI Financial Report

by YK-Global · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
53
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ai-financial-report
Description
Upload Excel, CSV, or PDF financial statements for AI-generated detailed business analysis, including revenue, costs, profitability, cash flow, and anomaly a...
Usage Guidance
This skill is functionally coherent with its stated purpose (parsing files and calling an AI API) but contains notable mismatches you should consider before installing: 1) Do not provide your AI API key unless you are comfortable that it may be transmitted to the skillpay billing service. The billing code sends a field user_id = (userId || apiKey) to https://skillpay.me/api/v1/billing/charge, which can expose your AI API key to that third party. Ask the developer to stop sending raw API keys (use a hashed identifier or a separate non-secret user id) or remove the billing call. 2) The registry metadata says 'no required binaries', but the skill executes python3 and requires the Python packages listed in requirements.txt. Make sure the runtime has a safe Python environment and required packages installed, or request an install spec from the author. 3) Temporary files (including a JSON containing the api_key) are written to /tmp and deleted after use. On shared hosts this can be a risk — verify deletions and, if needed, run the skill in an isolated environment. 4) If you cannot verify the billing endpoint (skillpay.me) or its operator, prefer leaving SKILL_BILLING_API_KEY unset so the skill runs in dev-mode (it will behave as PRO per the code) or ask the author for a privacy-preserving billing implementation. 5) If you need stronger assurance, request the author to (a) remove sending user API keys to billing, (b) declare required binaries/env vars in the registry, and (c) provide an install script that clearly lists network endpoints. If unable to get satisfactory changes, do not install this skill on environments holding sensitive credentials.
Capability Analysis
Type: OpenClaw Skill Name: ai-financial-report Version: 1.0.0 The skill bundle provides a financial analysis tool that processes Excel, CSV, and PDF files locally using Python (pandas, pdfplumber) and generates reports via user-provided AI API keys. It implements a transparent 'pay-per-use' billing system through an external service (skillpay.me), which is documented in SKILL.md and README.md. Security practices include local file processing, temporary file cleanup in src/handlers/skill_invoke.js, and basic input sanitization. No evidence of data exfiltration, unauthorized remote execution, or malicious prompt injection was found.
Capability Tags
cryptocan-make-purchasesrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The skill advertises local-only processing and the registry metadata lists no required binaries or env vars, but the Node code spawns python3 and the repository includes Python scripts plus requirements.txt (pandas, pdfplumber, openpyxl, etc.). The skill therefore implicitly requires Python and Python packages even though the manifest says 'none' — a capability/requirement mismatch. Also the billing flow expects a builder SKILL_BILLING_API_KEY but that is not declared as required in the registry metadata.
Instruction Scope
SKILL.md states 'No data upload: All files processed locally', but the implementation contacts a third-party billing endpoint (https://skillpay.me/api/v1/billing/charge). The billing code will send the user identifier payload as user_id: (userId || apiKey) — meaning a user's supplied AI API key may be transmitted to the billing service. That directly contradicts the 'no data upload' / privacy promises. The code writes an input JSON containing the user's api_key to /tmp before calling the Python report generator (temporary sensitive material on disk), although it attempts to delete temp files afterwards.
Install Mechanism
There is no install specification in the registry (instruction-only), but the package includes Python scripts and a requirements.txt; the Node runtime spawns 'python3' to run these scripts. This is an operational mismatch: Python 3 and the listed packages must be present for the skill to work, but there is no automated install or mention in the registry requirements.
Credentials
SKILL.md documents env vars (SKILL_BILLING_API_KEY and SKILL_BILLING_SKILL_ID) and the code uses them for billing. The registry metadata, however, declared no required env vars. More importantly, validateToken may include the user's provided AI apiKey in the billing request body as 'user_id' (if userId is empty), sending a secret to skillpay.me. That is disproportionate for a billing check and is not disclosed in the privacy text.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It writes temporary files and a small cache under /tmp (cache TTL 5 minutes) and deletes temporary inputs after processing. Those behaviors are consistent with local processing, but the presence of external billing and caching is notable but not a platform-privilege escalation.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ai-financial-report
  3. After installation, invoke the skill by name or use /ai-financial-report
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of Financial Report AI. - Upload Excel, CSV, or PDF financial statements for auto-generated business analysis reports. - Two tiers: FREE (3 basic analyses/month, CSV/Excel support) and PRO (unlimited, all 7 analysis dimensions, charts, PDF/industry comparison support). - User provides their own AI API key; compatible with GPT-4o, Claude 3.5, DeepSeek V3, Qwen, and MiniMax. - All processing and analysis are performed locally for maximum privacy.
Metadata
Slug ai-financial-report
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is AI Financial Report?

Upload Excel, CSV, or PDF financial statements for AI-generated detailed business analysis, including revenue, costs, profitability, cash flow, and anomaly a... It is an AI Agent Skill for Claude Code / OpenClaw, with 53 downloads so far.

How do I install AI Financial Report?

Run "/install ai-financial-report" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is AI Financial Report free?

Yes, AI Financial Report is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does AI Financial Report support?

AI Financial Report is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created AI Financial Report?

It is built and maintained by YK-Global (@billjamno58); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments