returns-refund-policy

SUSPICIOUS. The skill's core purpose and capabilities mostly align: configuring return policies through known ecommerce returns tools or local policy code is coherent. However, the ReturnGO installation/source instructions are internally inconsistent with verified official domains, and the documented ReturnGO integration requires forwarding WooCommerce API credentials to the vendor, which materially increases risk. This is not confirmed malware, but it is a medium-to-high risk business-operations skill due to third-party trust expansion and credential-sharing requirements.