v1.0.0

E-commerce Return & Refund Reply

Benign

ClawScan verdict for this skill. Analyzed May 2, 2026, 11:31 PM.

Analysis

This is an instruction-only reply template skill with no code, install step, credentials, or data exfiltration behavior, though users should verify the unrelated capability signals and avoid sending internal notes to customers.

Guidance: This skill appears safe for drafting return and refund replies. Before installing, confirm it is not actually granted purchase or crypto permissions, and review generated messages so internal notes are not sent to customers by mistake.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Info | Confidence: High | Status: Note
SKILL.md
Produce a single, ready-to-send reply... Output Format... 【内部备注】 Issue type: <issue_type>

The skill describes the output as ready to send, but the required format includes an internal notes section that may not be appropriate to paste directly to a buyer.

User impact: A user could accidentally send internal metadata such as the issue classification or template name to a customer.
Recommendation: Review the generated response and remove the internal note block before sending it externally, unless it is intended only for staff.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: Low | Status: Note
capability signals
- crypto
- can-make-purchases

These signals are not aligned with an instruction-only customer-service reply generator, but the provided artifacts contain no code, credentials, install steps, or instructions that would actually make purchases or use crypto.

User impact: If these signals correspond to real platform permissions, the skill would have broader financial authority than its stated purpose requires.
Recommendation: Install only if the platform does not actually grant purchase or crypto permissions to this skill, or remove those permissions if configurable.