Checkout Friction Audit
v1.0.1Audit checkout friction points and prioritize fixes that improve completed purchases without increasing risk. Use when the user reports high add-to-cart but...
⭐ 0· 204·1 current·1 all-time
byLeroyCreates@leooooooow
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, and instructions all focus on auditing checkout friction. There are no unrelated environment variables, binaries, or install steps requested that would be disproportionate to a conversion-audit workflow.
Instruction Scope
Instructions recommend using the platform-managed browser and Browser Relay for hands-on inspection and to use user-provided funnel notes/screenshots. This is appropriate for the purpose but does imply the agent may access live pages or a user's browser session — the skill text does require explicit user consent for Browser Relay, which is good. The guidance to 'push fixes into sprint board' is high-level and would require separate integration credentials if automated; the SKILL.md does not declare any such env vars or endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files, so nothing is written to disk or downloaded. This is low risk and proportionate to the described functionality.
Credentials
No required environment variables, credentials, or config paths are declared. The skill's actions (inspect pages, review user-provided artifacts) do not require secrets. Any integration that would modify sprint boards or external services would need separate explicit credentials not requested here.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). There is no request to modify other skills or system-wide settings. No unusual persistence or elevated privileges are requested.
Assessment
This skill is a checklist/instruction set and appears coherent for auditing checkout flows. Before using it: (1) Provide only the minimum data needed (staging URLs, anonymized complaints, screenshots) and avoid sharing real customer PII unless necessary. (2) Grant Browser Relay or access to a local Chrome session only with explicit consent and awareness that the agent will inspect pages you provide. (3) If you expect the skill to create or modify sprint-board items, confirm what integration will be used and supply credentials only through the platform's secure integration mechanism — the skill itself does not request or store those credentials. (4) Note the license: non-commercial CC BY-NC-SA; obtain a commercial license from Razestar if you plan to use it commercially.Like a lobster shell, security has layers — review code before you run it.
latestvk972sd49mh3ydx6w86m7mfcnqd834s4y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.