Afrexai Business Automation TEMP
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is mostly a documentation-only automation framework, but its package identity is inconsistent and it encourages broad automations that could change finance, HR, and account systems without clear approval boundaries.
Before installing, confirm the intended package name and publisher. Treat this skill as a planning aid unless you explicitly approve implementation steps. If you use it to build real automations, use least-privilege credentials, sandbox tests, human approval for finance/HR/account changes, monitoring, and documented rollback steps.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may be reviewing one package but be directed toward a differently named package or unclear owner, making it harder to verify provenance.
The registry identity differs from the embedded _meta.json slug/owner and the README install command, which point to afrexai-business-automation rather than the evaluated temp package.
Slug: afrexai-business-automation-temp; Owner ID: kn7favg91765ttv6tt0fb1ycv582wktt
Verify the publisher and intended slug before installation, and ask the maintainer to align registry metadata, _meta.json, and README install instructions.
The agent could help build or run automations that modify business records, send notifications, or operate recurring jobs without a clearly stated approval gate in the artifacts.
This directs the agent toward broad execution and integration mechanisms; combined with finance, HR, CRM, and support automation examples, this can lead to high-impact changes if not explicitly approved and scoped.
Implement using agent tools — cron jobs, APIs, scripts, notifications
Use the skill for design and documentation by default, and require explicit human approval before creating scripts, cron jobs, API integrations, payments, account changes, or production workflow changes.
If connected to real admin tools, the agent could affect employee accounts, team memberships, and business access controls.
The onboarding workflow examples involve privileged account administration, which is expected for business automation but sensitive.
→ Create accounts (email, Slack, GitHub, etc.) → Add to teams & channels
Only connect least-privilege admin credentials, test in a sandbox first, and require approval for account creation, permission changes, and access revocation.
Scheduled automations can continue running and affecting systems after setup if they are not tracked and removable.
The workflow template includes scheduled execution, which is normal for automation but can persist beyond the initial request.
cron: "0 9 * * 1-5" # Weekdays at 9 AM
Keep an inventory of any scheduled jobs or webhooks created through this skill, document owners, and include rollback or disable steps.