⚠️Install with caution. This skill has very few installs. Always review the source and verify it on clawhub.ai before installing. Community-built skills run with agent permissions — only install ones you trust.

🔐 Security & Audit

Vendor Risk Assessmentv1.0.0

Name: Vendor Risk Assessment
Author: 1kalin

afrexai-vendor-risk

1kalin

Evaluate and score vendors on security, financials, compliance, operations, and data handling to classify risk and manage remediation plans effectively.

compliancesecuritysecurity-scan

Download Package View on ClawHub

Installs (all time)

Installs (current)

Downloads

497

Stars

CreatedFeb 20, 2026

UpdatedFeb 26, 2026

Install & Quick Start

Install via ClawdBot CLI:

clawdbot install 1kalin/afrexai-vendor-risk

Skill Package2 files

📋SKILL.mdmarkdown

Failed to load file.

Quality Score

B56/100

Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.

Market Validation2/35

· No tracked installs (may still have manual users)
· 345 downloads (low demand)

Documentation20/25

· SKILL.md present
· Detailed documentation (≥3000 chars)
· Contains usage examples or trigger description
· Detailed summary

Package Completeness9/15

· skillAssets present (1 files)

Security Analysis

💙 Low Risk

UNDOCUMENTED_EXTERNALlow

Calls external URL not in known-safe list

https://afrexai-cto.github.io/ai-revenue-calculator/

Audited Apr 18, 2026 · audit v1.0

💡

Usage Guide

Generated Mar 22, 2026

procurement teamsCISOsoperations leadersintermediate

💡 Application Scenarios

Healthcare SaaS Vendor Risk AssessmentHealthcare

A healthcare organization uses the skill to assess a new EHR vendor, focusing on HIPAA compliance, PHI data handling, and breach notification requirements. The assessment reveals gaps in the vendor's BAA and data residency, leading to contract renegotiation before implementation.

Financial Services Payment Processor ReviewFinancial Services

A fintech startup evaluates a payment processor vendor for PCI DSS compliance and financial stability. The scorecard highlights risks in customer concentration and uptime, prompting the startup to diversify vendors and strengthen SLAs to mitigate operational dependency.

E-commerce Peak Season Vendor AuditEcommerce

An e-commerce company assesses its CDN and fulfillment vendors before the holiday season, using the operational dependency and data handling domains. The review identifies single points of failure and inadequate disaster recovery plans, leading to backup vendor contracts being secured.

Manufacturing Supply Chain Risk ManagementManufacturing

A manufacturing firm applies the skill to IoT and MES vendors, evaluating risks like IP theft and production stoppages. The portfolio view shows high concentration risk in one vendor, driving the creation of an exit plan and migration strategy to reduce dependency.

Legal Firm Ediscovery Vendor Compliance CheckLegal

A law firm uses the skill to assess an ediscovery vendor for privilege breach risks and client data confidentiality. The compliance domain flags missing right-to-audit clauses, resulting in updated data processing agreements and enhanced access logging requirements.

💼 Business Models

SaaS SubscriptionRecurring monthly or annual subscription fees, typically $50-$500 per user per month depending on features and scale.

The skill is offered as a premium feature within a procurement or risk management SaaS platform, generating revenue through tiered subscriptions. Users pay monthly fees for access to advanced analytics, industry-specific templates, and automated quarterly reviews.

Consulting ServicesProject-based fees ranging from $10,000 to $100,000+ per engagement, depending on vendor count and complexity.

The skill is packaged with expert consulting services for enterprises needing hands-on vendor risk assessments. Revenue comes from project-based fees for initial setup, ongoing reviews, and remediation planning, often bundled with training sessions.

Freemium with UpsellsUpsell revenue from premium plans ($20-$200/month), one-time purchases of industry packs ($47 each), and commission from affiliate integrations.

A basic version of the skill is offered for free to attract users, with limitations on vendor counts or report features. Revenue is generated through upsells to premium plans, industry context packs, and integrations with other AI agent tools.

💬 Integration Tip

Integrate this skill with CRM or procurement software to auto-populate vendor data and sync risk scores, reducing manual entry and ensuring real-time updates across teams.