ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CCO / Chief Customer Officer

v1.0.2

Lead customer success with retention strategies, health scoring, expansion revenue, and lifecycle management.

2· 592·1 current·1 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Chief Customer Officer guidance) matches the content: playbooks, health scoring, retention, expansion, and templates. No unrelated binaries, env vars, or external credentials are requested.
Instruction Scope
Runtime instructions reference creating and using a local memory file (~/cco/memory.md) and multiple guidance documents. This is within scope for a CCO skill, but it does direct the agent to write/read local files (the memory template) — i.e., it will persist customer-related data locally.
Install Mechanism
No install spec or code is included (instruction-only). No downloads or archives; nothing will be written to disk by an installer beyond what the agent itself does when following the instructions.
Credentials
No environment variables, credentials, or config paths are required. The skill mentions integrations (e.g., Gainsight, Salesforce) but does not request access to those credentials — proportionate to an advisory/template skill.
Persistence & Privilege
The skill persists a memory file in the user's home directory (~/cco/memory.md) to track CS metrics and priorities. always is false and autonomous invocation is not disabled; the setup explicitly asks the user whether to activate proactively, which is appropriate but users should confirm the activation choice.
Assessment
This skill is an instruction-only CCO advisor and appears coherent with its description. Before installing, consider: 1) The skill will create and use a local file at ~/cco/memory.md to store customer success metrics — review what you store there and avoid placing sensitive customer PII or credentials in that file. 2) The skill can be set to 'proactive' during setup; explicitly decline proactive activation if you don't want the agent to autonomously flag customer health or engage without each human confirmation. 3) If you later connect this guidance to real systems (CRM, analytics, CS platforms), those integrations will require separate credentials — only grant them when you trust the integration and understand the access scope. 4) Because this is instruction-only, there is no external code being installed, but the agent will write files locally as part of normal operation; ensure your environment's file-access policies meet your security requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dsrvba5k4t03bhc865nhdfn81ttra

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🤝 Clawdis
OSLinux · macOS · Windows

Comments