ClawHub

Amazon Variation Strategy

v1.0.0

Parent-child variation planning — when to merge/split, color/size variations, ranking benefits

0· 86·0 current·0 all-time
bynexscope-ai@nexscope
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and SKILL.md content align: the skill describes parent-child variation planning and the instructions focus on collecting product context, asking follow-ups, and producing recommendations for Amazon marketplaces.
Instruction Scope
SKILL.md contains high-level steps (collect user info, ask one multi-choice follow-up, 'research and analyze using the frameworks and methodology below') but does not specify external endpoints, files, or credentials. The vagueness grants broad discretion to the agent about how it 'researches' (e.g., web queries or internal tools), so reviewers should be aware the agent may perform web lookups or use other agent capabilities when executing the skill.
Install Mechanism
Registry lists no install spec and there are no code files (instruction-only). SKILL.md nevertheless suggests running 'npx skills add nexscope/amazon-variation-strategy' — this is documentation only, not an install entry in the registry. That mismatch is not dangerous by itself but you should verify the npm package and repository before running any npx command.
Credentials
Skill declares no required environment variables, no credentials, and no config paths. Nothing in the instructions asks for secrets or unrelated credentials.
Persistence & Privilege
Skill is not marked always:true and uses default model-invocation permissions. That is normal; the skill does not request elevated persistence or access to other skills' configs.
Assessment
This skill appears coherent and low-risk: it only contains instructions and asks no credentials. Before installing or running anything the SKILL.md suggests, verify the source (the README links to Nexscope GitHub pages — inspect those repos), and if you plan to run the provided 'npx' command, review the npm package contents and code first. Expect the agent to perform web research or use its tools when asked to 'research and analyze'; avoid pasting sensitive account credentials or proprietary data into the conversation. If you need higher assurance, request the skill's implementation code or a concrete list of data sources/methods from the author before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aq6y3ky1kcsbg9q9ma8v9r584gt15

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments