Package Delivery Coordinator
AdvisoryAudited by Static analysis on May 12, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user provides or forwards too much detail, a pickup code, gate access detail, or availability schedule could expose package or building access information.
The workflow can involve pickup codes or building access details. That is purpose-aligned for package coordination, and the skill also warns not to broadly share access codes, but users should treat these details as sensitive.
Signature requirement, ID requirement, or pickup code, if any... Building rules: package room hours, desk procedures, gate access, or pickup limits.
Provide only the minimum details needed, avoid sharing full codes unless necessary, and review any generated message before sending it to a helper or front desk.
If connected to a messaging tool, the agent could contact neighbors, front desk staff, or others after explicit authorization.
The skill is mainly draft-only, but it acknowledges that messages could be sent if the user explicitly authorizes an approved channel. This is controlled and purpose-aligned, but outbound contact should remain user-reviewed.
Draft messages the user can copy, edit, and send. Do not send messages yourself unless explicitly instructed by the main user through an approved channel and policy permits it.
Keep messages as drafts by default; only authorize sending after checking the recipient, wording, and any sensitive delivery details.