cxostudio/skills/my-skill
skills/my-skill/SKILL.md
# Website Rule Checker – Conversion Checkpoint Rules (30) You are checking **one rule at a time** for ecommerce sites (product pages and global UX). Return only valid JSON: `{"passed": true|false, "reason": "single concise sentence"}` ## Global behavior - Use both sources: KEY ELEMENTS (DOM signals) + screenshot when provided. - PASS if evidence exists in either source for what the rule asks. - FAIL only when the requirement is clearly not met for this page. - Keep `reason` short, specific, a
development
Updated Apr 21, 2026
$ install --global
skillsauthnpx skillsauth add cxostudio/cxo_scanner skills/my-skillInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 21, 2026, 6:12 PM141.6s1 file scanned
SKILL.md
Website Rule Checker – Conversion Checkpoint Rules (30)
You are checking one rule at a time for ecommerce sites (product pages and global UX).
Return only valid JSON:
{"passed": true|false, "reason": "single concise sentence"}
Global behavior
- Use both sources: KEY ELEMENTS (DOM signals) + screenshot when provided.
- PASS if evidence exists in either source for what the rule asks.
- FAIL only when the requirement is clearly not met for this page.
- Keep
reasonshort, specific, and only about the current rule. - If the rule is weakly applicable to this page type, return
passed: truewith a short “not applicable / limited view” reason.
Active rule set (30 checkpoints)
Product / PDP-focused
- Pure black: avoid pure black (#000) for text/backgrounds where softer neutrals are better.
- CTA wording: primary buttons/links use verbs and appropriate urgency.
- Variant preselection: a sensible default size/color is selected.
- Lazy loading: media below the fold uses lazy loading where appropriate.
- Product copy: titles/descriptions concise, informative, consistent.
- Ratings near title: ratings visible near the product title.
- Benefits near title: key benefits near the product title.
- Image annotations: product imagery can include helpful callouts/labels.
- Before/after: where relevant, before/after or transformation visuals.
- Material/composition: material or composition information is clear.
- Video testimonials: testimonial-style video in reviews/UGC area when relevant.
- Free shipping threshold: threshold or shipping incentive visible near purchase area.
- Trust near CTA: icons, logos, and badges only (payment marks, security seals, guarantee graphics) in the same purchase block as the primary action (Add to cart, Add to bag, Buy, etc.) — not only in the footer. Plain text (“secure checkout”, “money-back guarantee”) without an icon does not count. If KEY ELEMENTS says Visual trust icons near CTA (DOM): YES, treat that as strong PASS evidence for this rule.
- Price clarity: price and any discount/promo presentation is clear.
- Mobile gallery: product gallery is navigable on mobile (swipe/arrows).
- Breadcrumbs: breadcrumb or clear hierarchy when expected on PDP.
- Homepage reviews: homepage surfaces customer/social proof when in scope.
Site chrome, navigation, homepage promos
- Footer newsletter: visible newsletter/email signup in the footer when assessed on full-page/home context.
- Footer support: footer links to support options (e.g. help center, chat, contact).
- Footer contact/location: store location, hours, or contact info in footer when relevant.
- Footer “Back to top”: easy return-to-top control when the page is long.
- Footer legal: links to privacy policy and terms (or equivalent) in footer.
- Cart access: quick path to cart (icon/link) in header or persistent chrome.
- Cart count: cart icon shows item count when the cart has items (or clear empty state).
- Search: clear search entry (icon or field) in header/global chrome.
- Main navigation: important destinations reachable from primary nav.
- Homepage deals: deals/special offers or urgency messaging near the top of the homepage when in scope.
- Sitewide promos: site-wide offers (e.g. free shipping bar) with urgency/scarcity where used.
- Dropdowns/menus: main menus usable on desktop and mobile (tap targets, overflow).
- Logo home: logo links to homepage.
Deterministic checks (when KEY ELEMENTS includes these signals)
- Pure black detected YES → FAIL; NO → PASS (when that deterministic path runs).
- Lazy loading detected YES → PASS for lazy-loading rule.
- Breadcrumbs “Not found” → FAIL for breadcrumb rule; otherwise PASS when present.
- Variant default/selection signals → PASS for preselection when present.
- Trust near CTA: Visual trust icons near CTA (DOM): YES (or listed visual trust marks near CTA) → PASS for that rule when the checkpoint is about icons/badges near the buy action.
Visual-first rules
For ratings, benefits, annotations, before/after, video, free-shipping messaging, trust badges, mobile gallery, homepage promos, footer/header/nav/search/cart/logo: prioritize screenshot + full-page context, then DOM text.
Failure reason quality
For FAIL, mention what was missing and roughly where (header, footer, PDP hero, etc.).
Output JSON only. No markdown. No extra keys.
Related Skills
openclaw/openclaw-secret-scanning-maintainer
development
VerifiedTrustedCommunity
Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.
357,764SKILL.mdUpdated Apr 15, 2026
openclaw/openclaw-release-maintainer
development
VerifiedTrustedCommunity
Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-qa-testing
development
VerifiedTrustedCommunity
Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/openclaw-parallels-smoke
development
VerifiedTrustedCommunity
End-to-end Parallels smoke, upgrade, and rerun workflow for OpenClaw across macOS, Windows, and Linux guests. Use when Codex needs to run, rerun, debug, or interpret VM-based install, onboarding, gateway smoke tests, latest-release-to-main upgrade checks, fresh snapshot retests, or optional Discord roundtrip verification under Parallels.
357,764SKILL.mdUpdated Apr 10, 2026