Proposal Writing
v1.0.0Write proposals that confirm verbal agreements using the SCR framework to clearly outline problems, solutions, ROI, pricing, timeline, and next steps.
⭐ 0· 791·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The SKILL.md content matches the skill name (Proposal Writing) and provides a clear framework and templates. The registry description field is empty (minor metadata omission) but the runtime instructions themselves are coherent and do not request unrelated capabilities.
Instruction Scope
Instructions are scoped to drafting proposals: use client words from discovery, follow the SCR framework, and write outputs to workspace/artifacts/. The skill references using a separate client-discovery skill (expected). It does not instruct reading arbitrary system files, accessing environment secrets, or exfiltrating data to external endpoints, but it will write generated proposals to the agent workspace directory—expect stored artifacts.
Install Mechanism
No install spec and no code files (instruction-only). This is the lowest-risk install profile—nothing is downloaded or written to disk by an installer.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to its stated purpose of generating proposal text.
Persistence & Privilege
always:false and model invocation is allowed (normal). The skill writes outputs into workspace/artifacts/ but does not request persistent privileges, system-wide config changes, or access to other skills' credentials.
Assessment
This skill is primarily a template and writing workflow for proposals and appears low-risk. Before installing: 1) note that generated proposals will be written to workspace/artifacts/ (check who/what can read that directory to avoid accidental disclosure of client data); 2) the skill expects discovery inputs (it suggests using a client-discovery skill) — ensure any discovery data you provide does not contain sensitive secrets you don't want stored; 3) review generated proposals before sending (language, pricing, or client-sensitive details may need editing); and 4) the registry entry lacks a short description and homepage (metadata is sparse) — if you need provenance or support, ask the publisher for more info. Overall, nothing in the skill requests unrelated credentials, installs, or privileged behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk97bk1wk0h11v3r91mka4mmr1n811rg6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.