ClawHub

Cro Trust Signals

v1.0.0

Optimize conversion by placing specific, credible trust signals like named testimonials, third-party badges, and security details at key user anxiety points...

0· 47·0 current·0 all-time
by@wellyxy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill name, description, and SKILL.md all focus on conversion-focused trust signals and UX placement. It declares no binaries, env vars, or installs — which is proportionate for a copy/UX advisory skill.
Instruction Scope
The runtime instructions are limited to copy/UX guidance (where to place badges, testimonial best practices, etc.). They do not instruct the agent to read files, access environment variables, or call external APIs. The SKILL.md contains a promotional CTA linking to racoonn.me and a claim about an upcoming API and simulated-agent testing; the document does not include implementation steps for that integration.
Install Mechanism
No install spec and no code files are present (instruction-only). This is the lowest-risk install profile — nothing will be written to disk or executed by the platform as part of an install.
Credentials
The skill does not request any environment variables, credentials, or config paths. There are no unexplained secrets or permissions required for the stated functionality.
Persistence & Privilege
always is false, the skill is user-invocable, and model invocation is allowed (platform default). The skill does not request persistent presence or system-wide configuration changes.
Assessment
This skill is essentially a written playbook for placing trust signals and appears internally consistent and low-risk because it requests no credentials and installs nothing. Before relying on it: (1) verify any security or certification claims (e.g., 'SOC 2 Type II', uptime SLAs) against actual documentation — do not display badges/certificates you don't possess; (2) obtain explicit consent and written permission before using named testimonials, photos, or company logos; (3) don't use third-party logos or press mentions unless you can legally substantiate them; (4) if you later integrate the advertised 'Racoonn' API, review that provider's privacy/security practices and required credentials before connecting; (5) ensure any messaging changes comply with applicable regulations (privacy, advertising, accessibility). Overall the skill is coherent for its stated purpose, but the usual legal/ethical checks for claims and testimonial usage still apply.

Like a lobster shell, security has layers — review code before you run it.

latestvk976yxag3vzr8mma6hgbtjs42h83sy9e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments