Afrexai Business Automation TEMP
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: afrexai-business-automation-temp Version: 1.0.0 The afrexai-business-automation skill bundle is a comprehensive framework designed to guide an AI agent in performing business process audits and automation. It provides structured templates for workflow design, ROI calculation, and implementation using standard agent capabilities like `cron`, `exec` (for curl/jq), and `web_fetch`. While it encourages the use of powerful system tools, all instructions in SKILL.md and README.md are strictly aligned with the stated purpose of business automation and lack any indicators of data exfiltration, persistence, or malicious prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may be reviewing one package but be directed toward a differently named package or unclear owner, making it harder to verify provenance.
The registry identity differs from the embedded _meta.json slug/owner and the README install command, which point to afrexai-business-automation rather than the evaluated temp package.
Slug: afrexai-business-automation-temp; Owner ID: kn7favg91765ttv6tt0fb1ycv582wktt
Verify the publisher and intended slug before installation, and ask the maintainer to align registry metadata, _meta.json, and README install instructions.
The agent could help build or run automations that modify business records, send notifications, or operate recurring jobs without a clearly stated approval gate in the artifacts.
This directs the agent toward broad execution and integration mechanisms; combined with finance, HR, CRM, and support automation examples, this can lead to high-impact changes if not explicitly approved and scoped.
Implement using agent tools — cron jobs, APIs, scripts, notifications
Use the skill for design and documentation by default, and require explicit human approval before creating scripts, cron jobs, API integrations, payments, account changes, or production workflow changes.
If connected to real admin tools, the agent could affect employee accounts, team memberships, and business access controls.
The onboarding workflow examples involve privileged account administration, which is expected for business automation but sensitive.
→ Create accounts (email, Slack, GitHub, etc.) → Add to teams & channels
Only connect least-privilege admin credentials, test in a sandbox first, and require approval for account creation, permission changes, and access revocation.
Scheduled automations can continue running and affecting systems after setup if they are not tracked and removable.
The workflow template includes scheduled execution, which is normal for automation but can persist beyond the initial request.
cron: "0 9 * * 1-5" # Weekdays at 9 AM
Keep an inventory of any scheduled jobs or webhooks created through this skill, document owners, and include rollback or disable steps.