Churn Prevention
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only churn skill is mostly coherent, but it includes advice that could block customers from self-service cancellation, which users should review carefully.
Review the cancellation-flow guidance before using it in production. The strategic content is mostly purpose-aligned, but avoid implementing any flow that blocks or hides cancellation, and check applicable click-to-cancel, subscription, refund, and data-retention rules.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could implement a cancellation flow that prevents customers from cancelling directly, creating legal, reputational, or customer-trust risk.
This explicitly recommends blocking self-service cancellation for high-value accounts. That can add cancellation friction and may conflict with consumer-protection or click-to-cancel requirements, especially because the same artifact notes that cancellation should be as easy as signup.
| $2,000+/mo | Block self-serve cancel, require CS call |
Do not implement cancellation blocking by default. Keep a clear self-service cancellation path, require legal/compliance review for any enterprise exceptions, and make 'continue cancelling' clear at every step.
The agent may rely on local product context when designing churn-prevention recommendations, potentially exposing or acting on sensitive or stale business information.
The skill uses a persistent local context file as input. This is scoped and purpose-aligned, but the file may contain private product strategy or outdated/poisoned instructions that influence the agent’s recommendations.
If `.agents/product-marketing-context.md` exists (or `.claude/product-marketing-context.md` in older setups), read it before asking questions.
Keep the product-marketing context file free of secrets, review it for accuracy, and treat its contents as context rather than unquestioned authority.