Skill v1.0.0
ClawScan security
Return Reducer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 1:17 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Instruction-only ecommerce 'Return Reducer' skill is internally consistent with its stated purpose, requires no installs or credentials, and only asks for user-pasted return data (take care with sensitive customer info).
- Guidance: This skill appears coherent and low-risk from a technical-permission perspective, but before using it: (1) do not paste unredacted personal data — anonymize or remove names, emails, order IDs, or other PII; (2) supply representative sample sizes (60–90 days as suggested) so clustering is meaningful; (3) treat the skill's impact and cost estimates as hypotheses that require A/B tests or pilot runs; and (4) remember it cannot fetch carrier/ERP data automatically — any such summaries must be provided manually. If you need the agent to work with live systems, prefer a skill that explicitly requests and documents the necessary credentials and access patterns.
Review Dimensions
- Purpose & Capability: ok. The name/description (analyze return reasons and produce remediation plans) matches the SKILL.md inputs and outputs. No binaries, env vars, or installs are requested that would be unrelated to an analytics/consulting task.
- Instruction Scope: note. The instructions require the user to paste return-reason data, catalog context, and optionally listing content. This is appropriate for the stated task, but the skill depends entirely on user-provided data (which may contain PII). The SKILL.md does not instruct the agent to read system files, call external endpoints, or access hidden credentials.
- Install Mechanism: ok. No install spec or code files are present (instruction-only), so nothing will be written to disk or fetched at install time. This is the lowest-risk install model.
- Credentials: ok. The skill requests no environment variables, credentials, or config paths. The data it needs (return records, catalog context, listing content) is explicitly user-provided and proportionate to the described functionality.
- Persistence & Privilege: ok. 'always' is false and there is no indication the skill modifies other skills or system-wide settings. Autonomous invocation is permitted by default but not combined with broad privileges or credential access.
