Safety Report

Freelance Toolkit FR

Name: Freelance Toolkit FR
Author: HugoSbl

Boîte à outils complète pour freelances en France gérant clients, suivi du temps, factures légales au format HTML et tableau de bord revenus.

1,287Downloads

0Installs

0Stars

1Versions

CLI & Shell Tools1,805 Design & Prototyping842

Security Analysis

high confidence

Clean0.04 risk

The bundled Python scripts implement a local freelance invoicing/time-tracking tool that only reads/writes files under ~/.freelance and matches the skill name/purpose — nothing in the package requests unrelated credentials or external network access.

Feb 11, 20268 files1 concern

Purpose & Capabilityok

The name and runtime instructions (invoices, clients, time tracking, dashboard) align with the included Python scripts. The scripts operate on local files in ~/.freelance and require only Python 3 stdlib; there are no unrelated credentials, cloud APIs, or binaries requested.

Instruction Scopeok

SKILL.md instructs running the scripts in scripts/ and references only the ~/.freelance data directory. The code reads/writes config, clients, timetrack, and invoice metadata and opens generated HTML with the local web browser; there are no instructions to read other system files, exfiltrate data, or call external endpoints.

Install Mechanismnote

There is no install spec (no automatic download/install) which is low-risk. Minor inconsistency: SKILL.md describes an instruction-only skill using Python stdlib, but the package does include runnable Python scripts. This is not dangerous but you should be aware the code is present and would run if you execute the scripts.

Credentialsok

The skill requests no environment variables or external credentials. It stores sensitive user-provided data (name, email, phone, SIRET, IBAN, invoice history) under ~/.freelance — this is expected for an invoicing tool but is personal/financial data, so protect that directory accordingly.

Persistence & Privilegeok

The skill does not request always: true, does not modify other skills, and only persists data in its own directory (~/.freelance). It does not request elevated privileges or system-wide changes.

Guidance

This package appears to be a local, coherent freelance toolkit: it creates and uses ~/.freelance/ (config.json, clients.json, timetrack.json, and invoices/). Before installing or running: (1) review the included Python scripts if you want to verify behavior (they are present in the bundle); (2) be aware it will store personal/financial info (IBAN, email, SIRET) locally — keep that directory secure and back it up if needed; (3) the tool opens generated invoices in your default browser (no remote fetches in the template); (4) the source/author is unknown and SKILL.md lacks a published homepage — if provenance matters to you, try to obtain the upstream source or use in a sandbox first. Overall the package is internally consistent and matches its stated functionality.

Latest Release

v2.0.0

Invoicing, time tracking, client management. French micro-entreprise compliant.

More by @HugoSbl

AI Skill Scanner

2 stars

Markdown to Social

0 stars

Legal Docs FR

0 stars

Deploy Kit

0 stars

Price Monitor FR

0 stars

French Services

0 stars

Published by @HugoSbl on ClawHub