Abandoned Checkout Monitor
v0.1.1Deep cart-to-checkout funnel monitoring, abnormal friction detection, and multi-touch recovery playbooks for e-commerce. Use this skill whenever the user men...
⭐ 0· 180·0 current·0 all-time
byRIJOY-AI@rijoyai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name, description, and SKILL.md align: it is a diagnostic + playbook generator for cart→checkout abandonment. It asks for platform, markets/currency, funnel metrics, payment methods, and existing outreach — all relevant to the stated goal. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
The SKILL.md is prescriptive (requires a multi-block 'full playbook' and a structured master table with at least four rows). It instructs the agent to read the included reference playbook and to infer context from the conversation, asking only missing questions. It does not instruct reading system files, environment variables, or contacting external endpoints. Note: the policy is 'pushy' — the skill will produce long, structured output even for vague merchant questions, which is a design choice (not a security issue) but may produce lengthy disclosures if a user supplies logs or data.
Install Mechanism
No install spec and no code files that execute — instruction-only. This is low-risk: nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. All requested context (platform, metrics, payment methods, existing outreach) is appropriate for its function.
Persistence & Privilege
always:false (no forced inclusion). Model invocation is permitted (default) but not combined with any credential requests or system-level changes. The skill does not request persistent system modifications or access to other skills' configs.
Assessment
This skill appears internally consistent and low-risk: it only contains instructions and reference docs to generate checkout-diagnostic playbooks, and it asks for no credentials or installs. Before installing, consider: (1) the skill is designed to always produce a long, structured playbook (table + checkout friction checklist + gateway troubleshooting + three-email sequence) even for vague questions — if you prefer short answers for simple inventory or order-status queries, do not rely on this skill for those. (2) The skill may ask you to supply funnel metrics, payment error codes, or sample logs to validate hypotheses — avoid pasting raw payment logs, full PII, or admin credentials; provide aggregated or anonymized metrics instead. (3) Recovery-email drafts may implicate legal/compliance requirements (CAN-SPAM, GDPR consent, local rules) — review any outreach plans with your legal/compliance team before sending. (4) If you want the agent to act autonomously across systems or to fetch logs from your platform, do not provide admin keys or live credentials to the agent; instead, extract and share only the minimally necessary aggregated data. Overall: technically benign and coherent; the primary non-security concern is its mandatory verbose output model and how much data you choose to share when following its instrumenting requests.Like a lobster shell, security has layers — review code before you run it.
latestvk979m786s2ymkb8ekve5newqah82w9qd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.