← Back to Skills Marketplace
Mova Supply Chain Risk
by
Sergii Miasoiedov
· GitHub ↗
· v1.0.1
· MIT-0
184
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install mova-supply-chain-risk
Description
Screen suppliers against sanctions lists, PEP registries, ESG ratings, and financial stability data via MOVA HITL, then route findings through a human procur...
Usage Guidance
This skill appears coherent for supplier screening: it will send supplier names/IDs/countries and procurement metadata to the MOVA service and to sanctions/ESG/registry connectors and enforces a human decision gate. Before installing or using it: (1) verify the provenance of the openclaw-mova plugin and only install it from a trusted source; (2) ask the plugin owner what API keys or credentials are required and how they are stored; (3) confirm you are allowed (legally and contractually) to transmit supplier data to the listed external endpoints and whether data residency/GDPR rules apply; (4) test with non-sensitive or synthetic data first; and (5) request the plugin's privacy/security documentation (where data is stored, retention, auditability, and who can access the audit journal). If you want, provide the openclaw-mova plugin manifest or link and I can re-evaluate for any missing permissions or mismatches.
Capability Analysis
Type: OpenClaw Skill
Name: mova-supply-chain-risk
Version: 1.0.1
The skill provides a legitimate workflow for supply chain risk assessment and due diligence using the MOVA HITL plugin. It documents data transfers to 'api.mova-lab.eu' for screening against sanctions and ESG databases, and it includes explicit instructions for the agent to avoid manual HTTP requests or shell execution, focusing instead on structured tool calls for auditing and decision-making.
Capability Assessment
Purpose & Capability
The name and description (supplier screening, sanctions/PEP/ESG/financial checks with human gate) align with the instructions: submit supplier batches to MOVA, show risk bands, and require human sign-off. The external services referenced (MOVA API, sanctions/ESG/registry connectors) are appropriate for the stated purpose.
Instruction Scope
Instructions are focused on screening and a mandatory human decision gate. They explicitly send supplier names/IDs/countries and procurement metadata to api.mova-lab.eu and to screening connectors — which is expected — but the SKILL.md does not list the actual credentials/authorization steps the plugin needs, nor does it include the plugin code. Also the README references screenshot files that are not present in the package (cosmetic).
Install Mechanism
This is an instruction-only skill (no install spec, no code), which is low-risk from an install perspective. It requires the 'openclaw-mova' plugin to be installed via OpenClaw; the SKILL.md suggests 'openclaw plugins install openclaw-mova'. The plugin itself is external to this skill and is the component that will perform network calls — verify the plugin source before installing.
Credentials
The skill declares no required environment variables or credentials in its metadata, but it transmits potentially sensitive supplier data to external services. In practice the MOVA plugin (not included) will likely require API keys or tokens; the absence of declared required credentials here means you should confirm what secrets the plugin needs and how they are stored/limited. Ensure you have legal authority to send supplier data to the listed endpoints.
Persistence & Privilege
The skill does not request persistent or elevated privileges (always:false). It documents that audit receipts are stored in MOVA R2 storage (external) and claims no local storage. There is no instruction to modify other skills or system-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mova-supply-chain-risk - After installation, invoke the skill by name or use
/mova-supply-chain-risk - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Added Contract Skill type label.
v1.2.0
Fix: remove incorrect API key requirement
v1.1.0
Add demo screenshots from live agent run
v1.0.0
Initial release: supplier due diligence HITL — sanctions, PEP, ESG, financial stability screening
Metadata
Frequently Asked Questions
What is Mova Supply Chain Risk?
Screen suppliers against sanctions lists, PEP registries, ESG ratings, and financial stability data via MOVA HITL, then route findings through a human procur... It is an AI Agent Skill for Claude Code / OpenClaw, with 184 downloads so far.
How do I install Mova Supply Chain Risk?
Run "/install mova-supply-chain-risk" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Mova Supply Chain Risk free?
Yes, Mova Supply Chain Risk is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Mova Supply Chain Risk support?
Mova Supply Chain Risk is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Mova Supply Chain Risk?
It is built and maintained by Sergii Miasoiedov (@mova-compact); the current version is v1.0.1.
More Skills