raai-price-probe-zero-20260421
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill should be reviewed before installation because it asks for sensitive CRM/bot/API credentials and can automate customer-support account actions, while the registry says no credentials or install process are required.
Before installing, verify that this is the intended AI support/CRM automation skill, inspect install.sh before running it, and do not provide CRM, Telegram, OpenAI/Anthropic, or Google Sheets credentials until scopes and approval rules are clear. Start with CRM writes, auto-refunds, and customer-facing messages disabled or human-approved.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may approve a skill expecting a different or narrower purpose than the support/CRM automation described in the instructions.
The skill name suggests a price probe, while the actual content is a customer-support/CRM automation product. This mismatch can cause users to misunderstand what they are installing.
name: price-probe-zero
...
# AI Support PRO - Digital Customer Support Department
Rename and describe the package consistently with its actual customer-support and CRM automation purpose.
If these credentials are provided, the agent may gain access to external accounts, customer records, messages, or spreadsheets beyond what the registry disclosure suggests.
The skill asks for sensitive provider, bot, CRM, and spreadsheet credentials, but the registry metadata declares no required environment variables or primary credential.
requires:
  env:
    - ANTHROPIC_API_KEY
    - OPENAI_API_KEY
optional:
  env:
    - TELEGRAM_BOT_TOKEN
    - BITRIX24_WEBHOOK_URL
    - AMOCRM_API_KEY
    - GOOGLE_SHEETS_CREDENTIALS_JSON
Declare all credentials in metadata, document exact scopes, use least-privilege/read-only tokens where possible, and require explicit user confirmation before using write-capable credentials.
A misclassification or bad prompt could create or update customer records, route escalations incorrectly, or approve low-value refunds without sufficient review.
The configuration supports automatic CRM ticket/card changes and refund approval thresholds. These actions fit the support-automation goal but are business-impacting and not clearly gated by human approval in the artifacts.
crm:
  enabled: false
  ...
  auto_create_ticket: true
  auto_update_client_card: true
...
returns:
  auto_approve_return_under_rub: 1000
Keep write actions disabled by default, add explicit approval steps for CRM writes/refunds/customer messages, and document rollback procedures.
Users may run local scripts that are not represented in the registry install contract, increasing the chance of unexpected local changes.
The README instructs local shell execution even though the install specification says there is no install spec and the skill is instruction-only.
# 1. Install
bash install.sh
...
# 3. Verify the installation
bash test/smoke-test.sh
Publish an explicit install spec, document what install.sh changes, and advise users to inspect scripts before running them.
Customer complaints, contact details, ticket history, or business metrics could be sent to third-party systems if integrations are enabled.
The skill is designed to move support and escalation data through Telegram and CRM integrations, which is expected for the product but involves customer and operational data crossing external services.
channels:
  telegram:
    enabled: true
...
escalation:
  l2_manager:
    telegram: "@manager_username"
    phone: "+7XXXXXXXXXX"
...
crm:
  ...
  api_url: ""
  api_key: ""
Document data flows, avoid sending unnecessary PII, restrict recipients, and ensure Telegram/CRM integrations match the company’s privacy requirements.
