v1.0.0

AANA Support Reply Guardrail Skill

Review

ClawScan verdict for this skill. Analyzed May 2, 2026, 10:23 PM.

Analysis

The skill text is a privacy-focused support-reply checklist, but its capability signals claim unrelated wallet, purchase, transaction-signing, and sensitive-credential access, so it should be reviewed before installation.

Guidance

The provided files themselves look like a benign instruction-only support-reply safety checklist. However, because the capability signals list unrelated high-impact financial and credential capabilities, install only if the platform confirms those permissions are not actually granted or the publisher corrects the metadata.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: Medium; Status: Concern
capability signals
requires-wallet; can-make-purchases; can-sign-transactions; requires-sensitive-credentials

These high-impact capability signals are unrelated to the stated instruction-only purpose of reviewing customer support replies and are not scoped or justified by the provided files.

User impact: If these capabilities are actually granted by the platform, a simple reply-review skill could receive unrelated financial, wallet, transaction-signing, or credential-related authority.
Recommendation: Do not grant wallet, purchase, transaction-signing, or sensitive-credential access for this skill unless the publisher corrects the capability flags or provides a clear, reviewed justification.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low; Confidence: High; Status: Note
SKILL.md
When using a configured AANA checker, send only a minimal redacted review payload

The skill can involve sending a support-reply review payload to a configured checker, but it explicitly limits this to minimal redacted data.

User impact: A support reply summary or claim-status information may be shared with an approved checker if one is configured.
Recommendation: Use only approved checkers and keep payloads redacted; do not include raw account records, full payment data, credentials, private messages, or full ticket history.