ClawHub

CRO / Chief Revenue Officer

v1.0.1

Optimize conversion rates with funnel analysis, A/B testing, statistical significance, and compliance-safe experiments.

6· 1.1k·4 current·4 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (conversion optimization, A/B testing, funnel audits) match the included guidance (audits.md, testing.md, tools.md, legal.md). References to analytics and experimentation platforms (GA4, Mixpanel, Optimizely, etc.) are appropriate for the stated purpose.
Instruction Scope
SKILL.md and supporting files limit the agent to audit, test design, statistical interpretation, compliance guidance, and recommended actions. There are no instructions to read unrelated system files, exfiltrate data, or call external endpoints outside of listing common third-party tools. The only operational ambiguity: 'implement winning variants' implies making changes/deploys, but the skill doesn't include automated deploy/install instructions or credentials—so the scope remains advisory.
Install Mechanism
No install spec and no code files — instruction-only. This is low-risk: nothing is downloaded or written to disk by the skill itself.
Credentials
The skill itself requests no environment variables or credentials (which is proportionate). In practice, using the recommended integrations will require API keys or access to analytics/experimentation platforms; the skill does not request or store these. Users should provide only minimal-scope credentials if they plan to let an agent take actions.
Persistence & Privilege
always is false and there is no install that persists components. The skill does not request elevated or system-wide privileges and does not modify other skills' configs. Autonomous invocation is enabled (platform default) but poses no additional incoherence by itself.
Assessment
This skill is an advisory, instruction-only CRO playbook and appears coherent. Before installing or letting an agent act on its recommendations: 1) Be cautious about granting any agent access to production systems — only supply minimal, scoped API keys (read-only where possible) and rotate them regularly. 2) If you allow the agent to 'implement' changes, require human approval and run changes on staging first. 3) Follow the legal.md guidance for EU/CA consent rules — do not run experiments that rely on cookies/identifiers without proper consent. 4) Log and document all tests and data sources (the skill emphasizes this; enforce it operationally). 5) If you integrate third-party tools, prefer official SDKs/APIs and audit their scopes; the skill itself does not include any downloads or hidden endpoints, so risk comes from granting access to external systems, not from the skill's content.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bstzwep3esm3bzhk8g9yq9x81gk1d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📈 Clawdis
OSLinux · macOS · Windows

Comments