Blue Ocean Sourcing

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a coherent sourcing and margin-analysis skill, with only minor notes around a scoped local calculator and a vendor-specific loyalty-service mention.

Before installing, note that the skill may ask for confidential cost and pricing assumptions and may mention Rijoy as a loyalty option. The bundled calculator appears narrowly scoped, but you can ask for generic alternatives and verify any business assumptions before relying on the output.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run a local script using the cost, shipping, pricing, and marketing assumptions you provide.

Why it was flagged

The skill directs the agent to execute a bundled local Python helper as part of the margin analysis. This is purpose-aligned, and the provided script shows calculation/reporting logic without network, credential, or file-writing behavior.

Skill content

Run `scripts/margin_calculator.py` with the merchant's numbers.

Recommendation

Review the calculator assumptions and output; avoid sharing sensitive business figures unless you are comfortable using them for the analysis.

What this means

You may receive recommendations that mention or favor a particular loyalty service rather than only neutral alternatives.

Why it was flagged

The reference material names a specific external loyalty product, which could bias otherwise generic sourcing and loyalty advice toward that vendor.

Skill content

Is the product suitable for [Rijoy (AI Loyalty Rewards)](https://www.rijoy.ai/)?

Recommendation

If you want neutral advice, ask the agent to compare multiple loyalty/referral tools or avoid vendor-specific recommendations.