ClawHub

Shipping Operations

v1.0.0

Plan and manage parcel shipping decisions with carrier selection, landed-cost math, customs checks, and delivery exception playbooks.

0· 694·6 current·6 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the declared behavior: advisory shipping guidance, carrier selection, customs checks, and playbooks. The only requested resource is a config path (~/shipping/) used for durable memory, which is appropriate for a workflow-focused skill.
Instruction Scope
Runtime instructions are focused on asking the user for shipment data, saving reusable operational memory to ~/shipping/, and following documented playbooks. The guidance explicitly states it will not call carrier APIs or exfiltrate data unless the user provides integrations. One area to watch: the skill encourages 'learn while solving live requests' and saving memory, so users should ensure the agent does not persist sensitive PII or payment data — the docs do instruct to redact sensitive identifiers.
Install Mechanism
Instruction-only skill with no install spec and no code files—no downloads, packages, or binaries are created. This is the lowest-risk install footprint.
Credentials
The skill requests no environment variables, no credentials, and only a single config path (~/shipping/) for local memory. These requirements are proportionate to the stated purpose of keeping operational shipping context.
Persistence & Privilege
Does not request always:true, does not modify other skills, and stores its own memory under a single user-level directory. Autonomous invocation is allowed (platform default) but not in itself a red flag given the skill's advisory nature.
Assessment
This skill appears to do what it says: it is an advisory shipping operations helper that saves reusable context under ~/shipping/ and does not require keys or install code. Before installing, consider: 1) Review and periodically inspect files in ~/shipping/ (memory.md, incidents.md) to ensure no sensitive personal data or payment card data are stored. 2) If you accept integrations later, confirm what external endpoints and credentials the integration requires before providing them. 3) Restrict permissions on the ~/shipping/ folder (e.g., 700) or place it in a dedicated workspace if you’re concerned about confidentiality. 4) Because the skill comes from an unknown source, double-check the hosted homepage and any future integration instructions for unexpected endpoints before granting credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk974c8kmavdbyh31636n4hk1rs82114f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

BOX Clawdis
OSLinux · macOS · Windows
Config~/shipping/

Comments