Back to skill
Skillv1.0.0
ClawScan security
Multi-SKU Bundles · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 8:08 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This instruction-only skill is coherently focused on analyzing user-provided order data for bundle recommendations and does not request credentials, install code, or modify systems.
- Guidance
- Before using it, provide only the order-line data needed for co-purchase analysis and avoid including unnecessary customer PII; otherwise the artifacts show a normal, purpose-aligned analytics and copywriting skill.
Review Dimensions
- Purpose & Capability
- okThe stated purpose, SKILL.md instructions, references, and evals all align around co-purchase analysis, FBT bundles, discount copy, and checkout-hook recommendations.
- Instruction Scope
- okThe skill has broad but relevant trigger guidance for AOV, bundle, and order-data tasks, and it includes clear should-not-trigger cases for unrelated requests.
- Install Mechanism
- okThere is no install spec, no code, no required binaries, no package dependencies, and no execution path beyond model instructions.
- Credentials
- okUse of order-line fields such as order ID, SKU, quantity, price, and timestamp is proportionate to the stated market-basket analysis purpose.
- Persistence & Privilege
- okThe artifacts do not request credentials, local auth stores, privileged configuration, persistent background behavior, or autonomous system changes.