Skill v1.0.0
ClawScan security
Refund Reason Cluster · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 10:46 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This instruction-only skill is internally consistent with its stated purpose (clustering refund/return reasons) and requests no extra credentials or installs, but it expects sensitive input data, so handle inputs and licensing carefully before use.
- Guidance: This skill appears to do what it says and does not require extra credentials or installs, but before using it: (1) do not feed raw customer PII or full order identifiers; anonymize or sample data where possible; (2) confirm any internal policies about sharing support transcripts or order metadata with third-party skills or models; (3) remember the skill text contains no enforcement for data handling, so treat outputs as analyses that may reveal sensitive signals; (4) note the CC BY-NC-SA 4.0 license and that commercial use apparently requires a paid Razestar license; verify licensing if you plan commercial use; (5) if you are uneasy about autonomous invocation, restrict or audit when the agent may call skills or run this skill on sensitive datasets.
Review Dimensions
- Purpose & Capability (ok): Name, description, and runtime instructions all describe the same task: normalizing refund reasons, linking to order metadata, clustering causes, and producing prevention actions. No unrelated environment variables, binaries, or installs are requested.
- Instruction Scope (note): SKILL.md limits behavior to data normalization, clustering, and reporting. It does not instruct the agent to access unrelated files, env vars, or external endpoints. However, it lacks explicit guidance on handling PII/PHI or sensitive order identifiers: the skill expects refund logs, transcripts, and order metadata as inputs, so the user must control what data is provided.
- Install Mechanism (ok): No install spec and no code files; the skill is instruction-only. This minimizes risk from arbitrary downloads or on-disk execution.
- Credentials (note): The skill requests no credentials or config paths (proportionate). Still, the expected inputs are likely to contain customer PII and order-level data; the skill does not declare or enforce how to redact or protect these values.
- Persistence & Privilege (ok): always is false and there are no special privileges or modifications to other skills. The default ability for the agent to invoke the skill autonomously is unchanged (normal).
