Product Manager Toolkit
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is a coherent product-management helper with local, user-directed scripts and no evidence of hidden network access, credential use, persistence, or destructive behavior.
This appears safe for normal product-management use. Treat customer interviews and roadmap data as sensitive, run the local scripts only on files you intend to analyze, and be aware that the package source is not identified.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may run local Python scripts against files you provide, such as feature CSVs or interview transcripts.
The skill instructs the user to run bundled local Python scripts. This is expected for the toolkit’s analysis functions and is shown openly, but users should recognize that it executes local code.
python scripts/rice_prioritizer.py sample python scripts/rice_prioritizer.py sample_features.csv --capacity 15 python scripts/customer_interview_analyzer.py interview_transcript.txt
Run the scripts only on intended files and review the bundled code if your transcripts or roadmap data are sensitive.
You have less external provenance context for who authored or maintains the included scripts.
The skill has limited provenance information even though it includes runnable scripts. The provided artifacts and static scan do not show malicious behavior, so this remains a notice rather than a concern.
Source: unknown Homepage: none
Prefer installing from trusted publishers when possible, and review the included scripts before use in sensitive business environments.