ClawHub

Shipping Cost Optimizer

v1.0.0

Analyze ecommerce fulfillment notes across weight, volume, packaging, region, carrier pricing, and free-shipping policy, then turn rough order-cost data into...

0· 51·0 current·0 all-time
byhaidong@harrylabsj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description ask for offline analysis of order and packaging notes; the code parses user-provided text/structures and emits a markdown report. Required env, binaries, and config paths are none — proportional to the stated purpose.
Instruction Scope
SKILL.md restricts the skill to user-provided exports and explicitly disclaims live TMS/carrier/ERP integrations. The handler implementation only reads its own SKILL.md and the provided input; it does not attempt to access unrelated files, network endpoints, or secrets in the visible code.
Install Mechanism
No install spec is provided (instruction-only). The repository includes pure Python code and tests; there are no downloads, package installs, or extract steps that would write or execute remote code.
Credentials
The skill requests no environment variables, credentials, or config paths. The handler does not reference secrets or external service tokens in the provided source.
Persistence & Privilege
The skill is not marked always:true and does not request elevated persistence or modify other skills' configuration. Autonomous invocation is allowed by default (platform behavior) but is not combined with other red flags here.
Assessment
This skill appears to be a local, heuristic report generator that works from user-supplied order/packaging notes. It does not need credentials or perform network calls in the visible code. Before installing: (1) confirm you are comfortable running third-party Python code in your environment; (2) avoid supplying sensitive production data (e.g., full customer records or live credentials) when testing — use representative, anonymized order/cost notes; and (3) if you plan to integrate this into an automated pipeline, review the full handler.py (and any missing parts) to ensure there are no additional network calls or side effects not contained in the files provided.

Like a lobster shell, security has layers — review code before you run it.

latestvk9750we9pwsepx2xqgbrzv7cb984tj2a

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments