Skill v1.0.0
ClawScan security
churn-prevention · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 3:51 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and requirements are consistent with a churn-prevention playbook and a small local calculator script; nothing requests unrelated credentials or installs arbitrary code.
- Guidance: This skill appears to be a straightforward playbook and a harmless local calculator script. Before enabling or invoking it:
  1) Check any local file named marketing-context.md (the skill will read it if present) and remove or redact secrets or payment credentials.
  2) Don't paste live API keys or full account credentials into chat if the agent asks for connector details; provide high-level info (e.g., 'Stripe' vs. an API key).
  3) Review the churn_impact_calculator.py if you plan to run it locally; it takes JSON input or falls back to sample data, and it makes no network calls.
  4) If you plan to implement playbook steps that touch billing systems, ensure those integrations are done in your secure backend (not by pasting credentials into an agent).

  Overall: coherent and reasonable, but always avoid exposing secrets in workspace files the skill might read.
Review Dimensions
- Purpose & Capability (ok): Name/description (churn prevention) align with included artifacts: a detailed cancel-flow playbook, a dunning guide, and a local churn impact calculator script. The skill does not request unrelated binaries, environment variables, or config paths.
- Instruction Scope (note): SKILL.md stays within the expected scope (designing cancel flows, building dunning sequences). It asks the agent to read marketing-context.md if present (reasonable for gathering context, but it means the agent will access files in the workspace). The playbooks instruct implementers to store cancel_reason and offer outcomes in customer records (implementation guidance), but the skill does not instruct network exfiltration or use of secrets. Review any workspace file the agent may read for sensitive data before invoking.
- Install Mechanism (ok): No install spec (instruction-only plus one small local Python script). Nothing is downloaded from external URLs and no archives are extracted. Low install risk.
- Credentials (ok): The skill declares no required environment variables, primary credential, or config paths. References to payment processors (Stripe, Chargebee, etc.) are contextual and do not force credentials to be provided by the platform.
- Persistence & Privilege (ok): always:false (not forced into every agent run) and default autonomous invocation allowed. The skill does not request persistent modifications to other skills or system-wide settings.
