Zapier

The skill bundle is benign. It provides comprehensive documentation and examples for interacting with the Zapier platform. The `SKILL.md` and `setup.md` files instruct the AI agent to gather user preferences and store them locally in `~/zapier/memory.md`, which is a legitimate function for a skill to maintain state. All network interactions are directed towards official Zapier domains (e.g., `api.zapier.com`, `hooks.zapier.com`, `tables.zapier.com`). Code snippets (bash, JavaScript, Python) are presented as examples of Zapier's functionality for the user or for Zapier's internal 'Code' steps, not as direct commands for the OpenClaw agent to execute arbitrarily. There is no evidence of prompt injection attempts, data exfiltration, or other malicious intent.