07 Risk Dashboard
PassAudited by ClawScan on May 1, 2026.
Overview
This is an instruction-only risk reporting template with no code, credentials, or install actions, but users should verify its referenced rule documents and review business-impacting recommendations before acting.
This skill appears safe to install as an instruction-only dashboard/reporting aid. Use it with verified complaint, logistics, and supplier data, and do not treat its escalation or supplier-risk recommendations as final decisions without checking the underlying rules and obtaining appropriate human approval.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The dashboard may apply or mention risk thresholds whose exact source rules are not visible in the submitted package.
The skill says important thresholds and procedures are defined in referenced documents, while the submitted manifest contains only SKILL.md. This does not show malicious behavior, but users cannot verify those referenced rules from the supplied artifact.
reference:\n - 统一术语表:docs/GLOSSARY.md(P0/P1触发条件、批量阈值均引用该文档)\n - 信息不足处理:docs/INSUFFICIENCY-HANDLING.md\n - 规则更新同步:docs/RULE-UPDATE-SOP.md
Before relying on P0/P1 thresholds or SOP-driven actions, confirm the referenced documents are available, correct, and approved.
Incorrect or incomplete input data could lead humans to consider unnecessary escalations, supplier downgrades, or other operational actions.
The skill can produce recommendations that affect supplier scoring or operational follow-up. This is aligned with the risk-dashboard purpose and no automatic mutation is shown, but the recommendations can be business-impacting if acted on without review.
建议:联动物流供应商评分降级处理
Treat generated recommendations as decision support only; verify source data and require human approval before changing supplier status, penalties, or internal control actions.