ClawHub

Review Defect Miner

v1.0.0

Extract and cluster product defect signals from ecommerce reviews to prioritize quality fixes and address low ratings or negative sentiment.

0· 196·1 current·1 all-time
byLeroyCreates@leooooooow
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (extract and cluster defect signals from ecommerce reviews) aligns with the SKILL.md workflow. There are no unrelated requirements (no cloud creds, no binaries, no config paths) that would be disproportionate to the stated purpose.
Instruction Scope
SKILL.md provides a scoped workflow (normalize text, detect themes, score, output backlog) and an explicit output template. It does not instruct reading system files, environment variables, or sending data to external endpoints. One user-facing consideration: the skill asks to "preserve original evidence snippets" but gives no guidance on redacting PII or handling sensitive user data — you should avoid feeding sensitive PII into the skill or add redaction steps.
Install Mechanism
No install spec and no code files beyond instructional markdown. Nothing is written to disk or downloaded by the skill itself, minimizing install-time risk.
Credentials
No required environment variables, credentials, or config paths are declared. The SKILL.md does not reference hidden env vars. Credential demands are proportional (none).
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request persistent presence or ask to modify other skills or system settings.
Assessment
This skill is instruction-only and internally consistent with its stated purpose. Before using it: (1) avoid submitting sensitive PII in review texts (the skill preserves evidence snippets but offers no redaction guidance); (2) validate any outputs before acting on them (clustering and severity judgments are heuristic); (3) note the licensing terms (CC BY-NC-SA for non-commercial use; commercial use requires a paid license from Razestar); and (4) because it’s instruction-only there’s no install payload, but if you plug it into an agent that can act autonomously, review agent permissions/logs to make sure outputs aren’t automatically transmitted to external systems you don't control.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b6jyd0hzmqqb1gndm9nyn9h82pnnc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments