Back to skill
Skillv0.1.0
ClawScan security
Affiliate Kol Roi Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 7:10 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This instruction-only skill is coherent for affiliate ROI reporting and does not request installation, credentials, persistence, or authority to change accounts or payouts.
- Guidance
- Before using it, provide only the affiliate/order/refund fields needed for the analysis, and anonymize customer identifiers where possible. Treat the output as decision support for commissions and renewals, not as an automatic payout or legal-contract action.
Review Dimensions
- Purpose & Capability
- okThe stated purpose matches the artifacts: it guides attribution, refund adjustment, CAC/ROAS calculations, fraud heuristics, and renewal recommendations for affiliate/KOL programs.
- Instruction Scope
- okThe instructions are bounded to analysis and reporting, with explicit non-use cases; they do not direct hidden tool use, goal override, data sharing, or account mutation.
- Install Mechanism
- okThere is no install spec, no code, no required binaries, no required environment variables, and no package or script execution path.
- Credentials
- okThe workflow expects user-supplied order, refund, commission, and margin data, which is proportionate to affiliate reconciliation; artifacts show no broad filesystem, network, or platform access.
- Persistence & Privilege
- okArtifacts show no credentials, background workers, persistent memory, autonomous account access, payout execution, or contract-changing authority.