raai-price-probe-noprice-20260421
Advisory. Audited by VirusTotal on Apr 21, 2026.
Overview
Type: OpenClaw Skill
Name: raai-price-probe-noprice-20260421
Version: 0.0.1

The bundle is a comprehensive AI-driven customer support framework designed for the OpenClaw platform, focusing on Russian-language business operations. It includes standard installation and build scripts (install.sh, build.sh), configuration templates (config.yaml), and an extensive system prompt (SKILL.md) that defines logic for ticket categorization, SLA tracking, and CRM integration. Analysis of the shell scripts and markdown instructions reveals no evidence of malicious intent, data exfiltration, or harmful prompt injection; all behaviors are strictly aligned with the stated purpose of automating Tier-1 support.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: A user may install the skill expecting no credentials, then be asked to provide tokens that can access AI providers, Telegram, CRM systems, or Google Sheets.
Evidence: The skill asks for model-provider and integration credentials, including CRM and messaging tokens, while the registry metadata says no required env vars and no primary credential.
    requires:
      env:
        - ANTHROPIC_API_KEY
        - OPENAI_API_KEY
    optional:
      env:
        - TELEGRAM_BOT_TOKEN
        - BITRIX24_WEBHOOK_URL
        - AMOCRM_API_KEY
        - GOOGLE_SHEETS_CREDENTIALS_JSON
Recommendation: Declare all required and optional credentials in registry metadata, document exact scopes, and use least-privilege service accounts for CRM, Telegram, and Sheets.

Impact: If connected to a real CRM, the agent could create or alter business/customer records incorrectly or at the wrong time.
Evidence: The configuration supports CRM mutation actions such as ticket creation and client-card updates, but the artifacts do not clearly require human confirmation, limit fields, or explain rollback.
    crm:
      enabled: false
      ...
      api_key: ""
      auto_create_ticket: true
      auto_update_client_card: true
Recommendation: Require explicit approval before CRM writes, document which fields may be changed, log every mutation, and provide rollback or review procedures.

Impact: An incorrect classification or prompt could lead to unauthorized refund approvals or inconsistent customer commitments.
Evidence: The skill includes automatic refund-approval logic. Refunds are financial/business-impacting decisions, and the artifacts do not clearly state that a human must approve execution.
    returns:
      ...
      auto_approve_return_under_rub: 1000
Recommendation: Treat refund decisions as recommendations unless a human explicitly approves them, and clearly separate draft responses from actual refund execution.

Impact: Sensitive customer information could be exposed in chat transcripts, reports, notifications, or model context more broadly than intended.
Evidence: The skill is designed to retrieve and display customer profile data, contact details, LTV, ticket history, and support metrics, but the artifacts do not define data-minimization, redaction, retention, or sharing boundaries.
    CLIENT CARD #CRM-2291
    ...
    Telegram: @svetlana_i | Email: s.ivanova@mail.ru
    ...
    LTV: 124 000 RUB
    ...
    History
Recommendation: Add privacy rules for PII redaction, limit which CRM fields can be read, avoid sending unnecessary customer details to chat or external providers, and define retention and audit controls.

Impact: Running local shell scripts can change files or environment settings on the user’s machine.
Evidence: The README instructs users to run a shell installer even though the registry says there is no install spec. This is a user-directed setup step, but it should be reviewed before execution.
    # 1. Install
    bash install.sh
Recommendation: Inspect install.sh before running it, publish a clear install spec, and document exactly what the installer creates or modifies.

Impact: Users may underestimate where data could be processed or what accounts/API keys are needed.
Evidence: The marketing material claims no external paid dependencies, while SKILL.md lists Anthropic/OpenAI API keys and optional external integrations. This may understate external-provider dependence.
    No external paid dependencies ... OURS ... YES
Recommendation: Clarify that AI providers and optional CRM/messaging integrations are external services and may have separate costs, permissions, and privacy implications.
