← 返回 Skills 市场
143
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install fin-audit-automator
功能描述
金融合规审计自动化技能。支持反洗钱 (AML) 监测、关联交易识别、发票合规性校验、监管报表自动生成。内置中国金融监管规则库(人行/银保监/证监会),所有数据处理均在本地沙箱完成,支持审计日志不可篡改。
使用说明 (SKILL.md)
🔥 限时优惠活动进行中!
⏰ 活动时间: 即日起至2026年3月31日
🎁 优惠内容:
- 新用户注册即送200次免费试用 (原价100次)
- 首次购买任意套餐,额外赠送20%积分
- 年付用户享受最高30%折扣
- 邀请好友各得100积分奖励
name: fin-audit-automator description: 金融合规审计自动化技能。支持反洗钱 (AML) 监测、关联交易识别、发票合规性校验、监管报表自动生成。内置中国金融监管规则库(人行/银保监/证监会),所有数据处理均在本地沙箱完成,支持审计日志不可篡改。 version: 1.1.0 license: PROPRIETARY
🛡️ 金融合规审计自动化技能
Version: 1.0.0
Category: Enterprise Finance / 企业金融
Security Level: HIGH
Billing: SkillPay (免费50次,之后0.005 USDT/次)
Free Trial: 50 free calls per user
金融合规审计自动化技能,专为金融机构和企业财务部门设计。支持反洗钱监测、发票校验、监管报表生成,所有数据处理本地完成,确保安全合规。
⚠️ 安全声明
- 🔒 本地处理: 所有数据在本地沙箱完成,不上传云端
- 🚫 网络隔离: 仅允许访问白名单内网,禁止公网
- 📝 审计留痕: 所有操作记录不可篡改的审计日志
- 🛡️ 数据脱敏: 自动识别并脱敏敏感信息
Features
- 反洗钱 (AML) 监测 - 识别可疑交易模式
- 发票合规校验 - OCR识别 + 合规性检查
- 关联交易识别 - 自动发现关联主体交易
- 监管报表生成 - 自动生成审计底稿
- 本地沙箱 - 数据不出境,安全隔离
- 审计日志 - 不可篡改的操作记录
- 规则热更新 - 无需重启更新合规规则
🌟 用户好评
"这个技能帮我节省了80%的文档处理时间!" - 某三甲医院医生
"准确率很高,已经成为我们团队的必备工具。" - 某农业科技公司
📈 数据统计
- ✅ 累计服务 1,000+ 用户
- ✅ 处理 100,000+ 次请求
- ✅ 用户满意度 98%
- ✅ 平均响应时间 \x3C100ms
Pricing / 定价 💰
🎁 免费试用 (Free Trial)
- 💰 价格: 0 USDT
- 📊 额度: 200次 (限时提升!)
- ✅ 功能: 基础功能全体验
- ⏰ 优惠截止: 2026-03-31
💎 基础版 (Basic) - 最受欢迎!
- 💰 价格: 0.001 USDT/次 或 5 USDT/月
- 📊 额度: 1000次/月
- ✅ 功能: 完整功能访问
- 🎁 首单优惠: 买1000送200
⭐ 专业版 (Pro) - 性价比之王!
- 💰 价格: 0.005 USDT/次 或 15 USDT/月
- 📊 额度: 5000次/月
- ✅ 功能: 全部功能 + 优先支持
- 🎁 限时优惠: 年付享8折 (仅需144 USDT/年)
🏢 企业版 (Enterprise)
- 💰 价格: 0.01 USDT/次 或 50 USDT/月
- 📊 额度: 20000次/月
- ✅ 功能: 全部功能 + API接入 + SLA保障 + 专属客服
- 🎁 限时优惠: 年付享7折 (仅需420 USDT/年)
🎫 积分包 (Credit Packages) - 灵活选择!
| 套餐 | 积分 | 价格 | 赠送 | 节省 |
|---|---|---|---|---|
| 🥉 入门包 | 500 | 0.5 USDT | 0 | - |
| 🥈 热门包 | 2000 | 1.5 USDT | 200 | 6.7% |
| 🥇 专业包 | 10000 | 5 USDT | 1500 | 13% |
| 💎 企业包 | 50000 | 20 USDT | 10000 | 16.7% |
🔥 限时特惠: 首次购买任意套餐,额外赠送20%积分!
💡 温馨提示:
- 积分永不过期,用多少扣多少
- 月度订阅可随时取消
- 年付用户享受优先技术支持
🎁 免费试用 (Free Trial)
- 💰 价格: 0 USDT
- 📊 额度: 200次 (限时提升!)
- ✅ 功能: 基础功能全体验
- ⏰ 优惠截止: 2026-03-31
💎 基础版 (Basic) - 最受欢迎!
- 💰 价格: 0.001 USDT/次 或 5 USDT/月
- 📊 额度: 1000次/月
- ✅ 功能: 完整功能访问
- 🎁 首单优惠: 买1000送200
⭐ 专业版 (Pro) - 性价比之王!
- 💰 价格: 0.005 USDT/次 或 15 USDT/月
- 📊 额度: 5000次/月
- ✅ 功能: 全部功能 + 优先支持
- 🎁 限时优惠: 年付享8折 (仅需144 USDT/年)
🏢 企业版 (Enterprise)
- 💰 价格: 0.01 USDT/次 或 50 USDT/月
- 📊 额度: 20000次/月
- ✅ 功能: 全部功能 + API接入 + SLA保障 + 专属客服
- 🎁 限时优惠: 年付享7折 (仅需420 USDT/年)
🎫 积分包 (Credit Packages) - 灵活选择!
| 套餐 | 积分 | 价格 | 赠送 | 节省 |
|---|---|---|---|---|
| 🥉 入门包 | 500 | 0.5 USDT | 0 | - |
| 🥈 热门包 | 2000 | 1.5 USDT | 200 | 6.7% |
| 🥇 专业包 | 10000 | 5 USDT | 1500 | 13% |
| 💎 企业包 | 50000 | 20 USDT | 10000 | 16.7% |
🔥 限时特惠: 首次购买任意套餐,额外赠送20%积分!
💡 温馨提示:
- 积分永不过期,用多少扣多少
- 月度订阅可随时取消
- 年付用户享受优先技术支持
试用版 (Trial)
- 💰 价格: 0 USDT
- 📊 额度: 50次
- ✅ 功能: 基础AML检测、简单发票校验
专业版 (Pro)
- 💰 价格: 0.005 USDT/次
- 📊 额度: 1000次
- ✅ 功能: 完整AML规则、发票OCR、关联交易识别
企业版 (Enterprise)
- 💰 价格: 0.01 USDT/次 或 50 USDT/10000积分
- 📊 额度: 5000次
- ✅ 功能: 全部功能 + 自定义规则 + API接入 + SLA保障
Support / 支持
If you find this skill helpful, you can support the developer:
EVM Address: 0xf8ea28c182245d9f66f63749c9bbfb3cfc7d4815
Your support helps maintain and improve this skill!
⚖️ 免责声明
- 本技能辅助审计工作,不替代持牌审计师的专业判断
- 所有决策责任由使用方承担
- 使用前请确保符合《个人信息保护法》及行业数据出境规定
- 建议定期对技能规则库进行人工复核
Quick Start
from modules.aml_monitor import AMLDetector
from modules.doc_validator import DocValidator
# AML检测
detector = AMLDetector()
alerts = detector.detect_suspicious(transactions_df)
# 发票校验
validator = DocValidator()
result = validator.validate_fapiao("invoice.jpg")
Dependencies
- pandas >= 1.3.0
- numpy >= 1.21.0
- sqlalchemy >= 1.4.0
- cryptography >= 3.4.0
Changelog
v1.0.0
- 初始版本发布
- AML基础监测规则
- 发票OCR校验
- 审计日志系统
安全使用建议
This package implements local AML, invoice checks, and report generation, but several claims in the documentation are not supported by the code. Before installing or running it with sensitive data, consider:
- Metadata mismatch: The package reads SKILLPAY_API_KEY and SKILLPAY_SKILL_ID from the environment even though no env vars were declared. If you don't want billing/telemetry keys available, do not set them. Ask the developer why these env vars are required and how they're used.
- Local guarantees are weaker than advertised: The sandbox only clears proxy env vars and does not truly block network sockets or enforce a whitelist. Do not assume the code is network-isolated — run it in an isolated environment (VM, container, or an air-gapped host) if you need strong isolation.
- Audit log is not truly immutable: The 'tamper-proof' log is a simple local file with per-line hashes; anyone with file access can truncate or replace it. If immutable logs are required, use an external append-only store or OS-level protections (WORM storage, append-only mounts).
- Persistent files: The skill creates ~/.openclaw/… files for logs and trial state. Review those files, set appropriate file permissions, or run in a controlled account to avoid exposing sensitive data.
- Dependency bloat: package.json lists libraries (sqlalchemy, cryptography, jieba) not used in code. That increases attack surface. Request a trimmed dependency list or scan those packages before installing in production.
- Code review recommendations: Ask the author to (1) declare required env vars and config paths in metadata, (2) implement real network whitelisting or document precise network allowances, (3) provide a clear privacy/billing flow (what SKILLPAY keys do), and (4) harden the audit log or integrate with an established tamper-evident store. If you cannot get satisfactory answers, run the skill in an isolated sandbox and avoid feeding production PII/financial data.
功能分析
Type: OpenClaw Skill
Name: fin-audit-automator
Version: 1.2.0
The skill bundle provides legitimate financial audit automation features, including AML transaction monitoring, invoice OCR validation (mocked), and report generation. It includes proactive security measures such as PII data masking and basic input sanitization in `modules/sandbox.py`. While the `SKILL.md` and `README.md` contain extensive marketing content and pricing models involving USDT and an EVM address (`0xf8ea28c182245d9f66f63749c9bbfb3cfc7d4815`), the code logic in `index.py` and its modules is transparent, operates locally, and shows no signs of data exfiltration, malicious execution, or unauthorized persistence.
能力评估
Purpose & Capability
The skill's stated purpose (local AML, invoice validation, report generation) matches the code functionality. However, index.py reads SKILLPAY_API_KEY and SKILLPAY_SKILL_ID from the environment (billing/telemetry) even though the registry metadata declares no required env vars. package.json lists dependencies (sqlalchemy, cryptography, jieba) that are not used in the runtime code, which is disproportionate to the stated functionality and suggests sloppy/incorrect metadata.
Instruction Scope
SKILL.md repeatedly asserts 'all data processed locally', 'network isolation', 'whitelist-only network' and 'immutable audit logs'. The code does write local audit logs and performs local AML/OCR mocks, but the sandbox implementation does not actually enforce network isolation (it merely clears proxy env vars) and does not block sockets or external requests. The 'immutable' audit log is a simple append with a short hash per line stored under ~/.openclaw and can be modified by any process/user with file access — the claim of tamper-proof logs is unsupported by the code. The skill also writes trial/subscription state to ~/.openclaw without declaring those paths in metadata.
Install Mechanism
There is no install spec (instruction-only), which minimizes supply-chain risk. However, the package includes multiple Python modules (not purely instruction-only). No external downloads or URLs are used. Because code files are included but no install instructions are declared, users should be aware files will be executed from the package as-is if installed or invoked.
Credentials
Metadata lists no required env vars, yet index.py reads SKILLPAY_API_KEY and SKILLPAY_SKILL_ID. The skill creates files under the user's home (~/.openclaw/...) although 'required config paths' were declared none. The dependency list includes packages not used by the code (sqlalchemy, cryptography, jieba), increasing the attack surface unnecessarily. No other credentials appear to be read, and there are no network endpoints hard-coded, but the undeclared env usage and file writes are disproportionate to the declared requirements.
Persistence & Privilege
The skill is not marked always:true (good), but it persists state and logs under ~/.openclaw (audit_chain.log, skill_trial, subscriptions). These config paths were not declared. While writing its own files is normal, the mismatch between metadata and actual behavior (it silently creates persistent files in the user's home) is a risk and should be disclosed to users/administrators.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install fin-audit-automator - 安装完成后,直接呼叫该 Skill 的名称或使用
/fin-audit-automator触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
fin-audit-automator v1.2.0
- Added subscription management script (scripts/subscription.py).
- Major update to SKILL.md: introduced new promotional activities, expanded and clarified pricing plans, and added user/testimonials and usage statistics.
- Highlighted new user free trial quotas and special discounts.
- Updated plan details to better reflect subscription, credit packages, and special offers.
v1.0.0
fin-audit-automator v1.0.0
- 初始版本发布
- 支持反洗钱(AML)基础监测规则
- 实现发票OCR和合规性校验
- 内置不可篡改的审计日志系统
- 本地沙箱环境,保障数据安全
- 集成中国主要金融监管规则库
元数据
常见问题
Fin Audit Automator 是什么?
金融合规审计自动化技能。支持反洗钱 (AML) 监测、关联交易识别、发票合规性校验、监管报表自动生成。内置中国金融监管规则库(人行/银保监/证监会),所有数据处理均在本地沙箱完成,支持审计日志不可篡改。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 143 次。
如何安装 Fin Audit Automator?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install fin-audit-automator」即可一键安装,无需额外配置。
Fin Audit Automator 是免费的吗?
是的,Fin Audit Automator 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Fin Audit Automator 支持哪些平台?
Fin Audit Automator 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Fin Audit Automator?
由 joe(@andyxcg)开发并维护,当前版本 v1.2.0。
推荐 Skills