← 返回 Skills 市场
Sap Journal Auditor
作者
Daryoosh Dehestani
· GitHub ↗
· v0.1.0
259
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install sap-journal-auditor
功能描述
Audits SAP FI/CO journal exports to detect duplicates, anomalies, cost center mismatches, approval bypass, intercompany issues, and unusual user activity.
安全使用建议
This skill appears to do what it claims: it analyzes uploaded SAP journal CSV/XLSX files locally and returns an audit memo and a CSV of flagged lines. Before installing/running, consider: 1) provenance — registry metadata lists an owner ID but no homepage; the code includes author and RadarRoster links (verify you trust the source). 2) Data handling — the skill writes audit_memo.md and flagged_entries.csv to disk and sends them back via the agent; those files contain sensitive financial data, so run in an environment you control and delete outputs when done. 3) Memory retention — the agent memory stores a small run summary (timestamp, entriesCount, findings, overallRisk, period) for the last 20 runs; if that is a concern, clear or disable skill memory or avoid persistent storage. 4) Optional npm packages — the tool can use optional npm modules for enhanced Excel support; review package.json/package-lock.json before running npm install and prefer the built-in (zero-dependency) mode if you need stricter controls. 5) Safety practice — run the included test suite locally (node tests/test.js) and, if possible, execute the skill in an isolated/test environment first. Overall there are no red flags indicating unrelated credential access or network exfiltration in the provided files.
功能分析
Type: OpenClaw Skill
Name: sap-journal-auditor
Version: 0.1.0
The SAP Journal Auditor skill bundle is a legitimate tool designed to analyze SAP FI/CO journal exports for financial anomalies. The code implements comprehensive audit logic for detecting duplicates, round-amount accruals, and approval bypass patterns across several files including index.js and lib/auditor.js. It features robust, zero-dependency CSV and XLSX parsers (lib/csv-parse-lite.js, lib/xlsx-lite.js) for restricted environments and generates professional audit reports. No evidence of data exfiltration, malicious execution, or prompt injection was found; the skill operates strictly on provided input files and uses local memory for run history.
能力评估
Purpose & Capability
Name/description (SAP FI/CO journal auditor) align with the code and instructions: parser, auditor, reporter, exporter all operate on uploaded journal files. The optional attempts to require 'csv-parse' and 'xlsx' are reasonable (they fall back to built-in parsers) and match the stated 'zero-dependency' vs 'with npm' modes. No unrelated binaries, env vars, or cloud credentials are requested.
Instruction Scope
SKILL.md and instructions.md direct the agent to parse an uploaded file, run audit checks, generate a Markdown memo and a CSV of flagged entries, and return those files. The runtime handler reads the supplied file, writes audit_memo.md and flagged_entries.csv into the same directory, replies with text, and uses context.replyFile to send the generated files. This all falls within the skill's stated scope. Note: the skill persists lightweight run metadata (timestamp, counts, overallRisk) into context.memory — this is expected for tracking but does store some metadata about runs.
Install Mechanism
There is no install specification in the registry metadata (instruction-only), though package.json and package-lock.json are present in the bundle. The code is written to work without external packages (zero-dependency CSV/XLSX fallbacks) and only optionally uses npm packages if present. No external download URLs or extract/install steps are present in the skill metadata.
Credentials
The skill does not require environment variables, credentials, or special config paths. It only needs access to the uploaded file and to a writable directory for generated outputs. The one environment-like resource used is context.memory for storing audit run metadata — this is proportional but users should be aware it records summary metadata (not raw file contents).
Persistence & Privilege
always:false (normal). The skill persists recent run metadata to the skill/agent memory (key: 'audit_runs', last 20 runs). This is legitimate for an auditing tool but could retain sensitive metadata (period, entries count, findings count, overallRisk). The skill also writes files (audit_memo.md, flagged_entries.csv) into the same directory as the input file — expected but those files may contain sensitive financial data and should be handled accordingly.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sap-journal-auditor - 安装完成后,直接呼叫该 Skill 的名称或使用
/sap-journal-auditor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
- Initial release of SAP Journal Auditor skill.
- Audits SAP FI/CO journal exports (CSV/Excel) for anomalies, unusual cost center use, approval bypass, duplicates, and intercompany issues.
- Supports exports from FB03, FAGLL03, KSB1, and ACDOCA.
- Produces categorized audit memos, flagged entry CSVs, and summary statistics.
- Multilingual support: English and German output.
- Input options for specific fiscal periods.
元数据
常见问题
Sap Journal Auditor 是什么?
Audits SAP FI/CO journal exports to detect duplicates, anomalies, cost center mismatches, approval bypass, intercompany issues, and unusual user activity. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 259 次。
如何安装 Sap Journal Auditor?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sap-journal-auditor」即可一键安装,无需额外配置。
Sap Journal Auditor 是免费的吗?
是的,Sap Journal Auditor 完全免费(开源免费),可自由下载、安装和使用。
Sap Journal Auditor 支持哪些平台?
Sap Journal Auditor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Sap Journal Auditor?
由 Daryoosh Dehestani(@dda-oo)开发并维护,当前版本 v0.1.0。
推荐 Skills