Checkout Recovery
v1.1.0Reduce payment failures and cart abandonment from checkout friction by auditing payment method coverage, error messaging, and retry flow design.
⭐ 0· 77·0 current·0 all-time
byLeroyCreates@leooooooow
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
The name, description, SKILL.md, and all reference files consistently describe a checkout recovery audit: payment coverage, error-copy, retry flows, and remediation roadmaps. The skill requests no binaries, env vars, config paths, or installs that would be unrelated to this purpose.
Instruction Scope
Instructions ask the agent to collect metrics (e.g., checkout completion, payment failure rate) and every checkout error message. This is coherent for an audit, but the SKILL.md is implementation-agnostic (it doesn't specify whether the agent should prompt the user, call a specific analytics API, or request exported reports). That vagueness is expected for a human-driven audit template but means the agent may ask for potentially sensitive data (logs, PII) during execution—the skill itself does not instruct any hidden data access.
Install Mechanism
No install spec and no code files exist — this is instruction-only. Nothing is downloaded or written to disk, minimizing install-time risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The audit naturally requires access to store metrics or payment-provider data in practice, but the skill does not demand or bake in any unrelated secrets or multi-service credentials.
Persistence & Privilege
Flags show always:false and normal autonomous-invocation defaults. The skill does not request persistent system presence or modify other skills or system config. There is no evidence it would store credentials or enable itself automatically.
Assessment
This skill appears coherent and safe as an audit template, but be cautious about the data you provide when the agent runs it. Prefer giving aggregated metrics or exported reports rather than raw logs or full admin/API keys. If you must grant API access to analytics or payment providers, use read-only scopes and short-lived tokens. Avoid sharing raw customer PII (emails, card details); redact or replace with placeholders when possible. Review recovery templates and discount recommendations against your company policy before applying them. If you want stronger guarantees, ask the agent to only produce instructions and templates and require a human to perform API calls or paste credentials into a secure vault rather than entering them directly into a chat.Like a lobster shell, security has layers — review code before you run it.
latestvk9705jafwyvj6qv84hkhkbp98s84d09j
License
MIT-0
Free to use, modify, and redistribute. No attribution required.