raai-price-probe-noprice-20260421

Audited by ClawScan on May 10, 2026.

Overview

The skill’s customer-support purpose is coherent, but it requests sensitive AI/CRM/Telegram credentials and describes automated customer/CRM actions without clear approval, scope, or rollback controls.

Review this skill before installation. Use separate least-privilege API keys, do not connect production CRM or refund workflows until human approval gates are added, inspect install.sh before running it, and ensure customer PII is redacted or limited before sending it through model providers or chat notifications.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may install the skill expecting no credentials, then be asked to provide tokens that can access AI providers, Telegram, CRM systems, or Google Sheets.

Why it was flagged

The skill asks for model-provider and integration credentials, including CRM and messaging tokens, while the registry metadata says no required env vars and no primary credential.

Skill content
requires:
  env:
    - ANTHROPIC_API_KEY
    - OPENAI_API_KEY
optional:
  env:
    - TELEGRAM_BOT_TOKEN
    - BITRIX24_WEBHOOK_URL
    - AMOCRM_API_KEY
    - GOOGLE_SHEETS_CREDENTIALS_JSON
Recommendation

Declare all required and optional credentials in registry metadata, document exact scopes, and use least-privilege service accounts for CRM, Telegram, and Sheets.

What this means

If connected to a real CRM, the agent could create or alter business/customer records incorrectly or at the wrong time.

Why it was flagged

The configuration supports CRM mutation actions such as ticket creation and client-card updates, but the artifacts do not clearly require human confirmation, limit fields, or explain rollback.

Skill content
crm:
  enabled: false
  ...
  api_key: ""
  auto_create_ticket: true
  auto_update_client_card: true
Recommendation

Require explicit approval before CRM writes, document which fields may be changed, log every mutation, and provide rollback or review procedures.

What this means

An incorrect classification or prompt could lead to unauthorized refund approvals or inconsistent customer commitments.

Why it was flagged

The skill includes automatic refund-approval logic. Refunds are financial/business-impacting decisions and the artifacts do not clearly state that a human must approve execution.

Skill content
returns:
  ...
  auto_approve_return_under_rub: 1000
Recommendation

Treat refund decisions as recommendations unless a human explicitly approves them, and clearly separate draft responses from actual refund execution.

What this means

Sensitive customer information could be exposed in chat transcripts, reports, notifications, or model context more broadly than intended.

Why it was flagged

The skill is designed to retrieve and display customer profile data, contact details, LTV, ticket history, and support metrics, but the artifacts do not define data-minimization, redaction, retention, or sharing boundaries.

Skill content
КАРТОЧКА КЛИЕНТА #CRM-2291 ... Telegram: @svetlana_i | Email: s.ivanova@mail.ru ... LTV: 124 000 руб ... История
Recommendation

Add privacy rules for PII redaction, limit which CRM fields can be read, avoid sending unnecessary customer details to chat or external providers, and define retention and audit controls.

What this means

Running local shell scripts can change files or environment settings on the user’s machine.

Why it was flagged

The README instructs users to run a shell installer even though the registry says there is no install spec. This is a user-directed setup step, but it should be reviewed before execution.

Skill content
# 1. Install
bash install.sh
Recommendation

Inspect install.sh before running it, publish a clear install spec, and document exactly what the installer creates or modifies.

What this means

Users may underestimate where data could be processed or what accounts/API keys are needed.

Why it was flagged

The marketing material claims no external paid dependencies, while SKILL.md lists Anthropic/OpenAI API keys and optional external integrations. This may understate external-provider dependence.

Skill content
No external paid dependencies ... OURS ... YES
Recommendation

Clarify that AI providers and optional CRM/messaging integrations are external services and may have separate costs, permissions, and privacy implications.