ClawHub
Back to skill
v1.0.0

04 Product Compliance

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 11:34 AM.

Analysis

This is an instruction-only product-compliance review skill with no code, credentials, installs, or external access, but users should treat its compliance decisions as guidance rather than official Alibaba or legal determinations.

GuidanceSafe to install as an advisory compliance-checking prompt, but do not treat its output as official Alibaba enforcement or legal advice. Verify high-impact actions such as delisting, merchant penalties, refunds, or price-fraud findings with current platform rules and qualified reviewers.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
author: 阿里巴巴内控部(思维训练版) ... 你是阿里巴巴内控部的**商品合规审查专家**

The skill presents the assistant as an Alibaba internal compliance expert, while the registry source is unknown. This could make users over-trust the output as official if they do not notice the training-version framing.

User impactUsers might treat the generated compliance rating or takedown recommendation as an official platform/legal decision.
RecommendationTreat outputs as preliminary guidance and verify serious findings with official Taobao rules, qualified legal/compliance staff, or authoritative policy sources.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
SKILL.md
reference:\n  - 统一术语表:docs/GLOSSARY.md\n  - 信息不足处理:docs/INSUFFICIENCY-HANDLING.md\n  - 规则更新同步:docs/RULE-UPDATE-SOP.md

The skill references supporting documentation files that are not present in the provided one-file manifest, so users cannot inspect those referenced procedures from this artifact set.

User impactReferenced terminology, insufficiency-handling, and rule-update procedures may be unavailable or unverifiable during installation.
RecommendationIf those references matter for your workflow, obtain and review the missing docs before relying on the skill for operational compliance decisions.