1688 Marketing
Verdict: Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: 1688-marketing
Version: 0.1.0

The skill bundle is a legitimate tool for 1688 marketing operations, providing capabilities for activity enrollment and business opportunity queries. It follows security best practices by using only the Python standard library, implementing local encryption (PBKDF2 and SHA-256) for Access Keys in `ak_crypto.py`, and using a transient local callback server for OAuth flows. All network activity is directed to official 1688.com domains (e.g., skills-gateway.1688.com), and the AI instructions in `SKILL.md` include explicit safety guardrails requiring user confirmation for any write operations.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

A valid 1688 access token could be exposed to the agent context or logs and may allow actions within its authorized scope.
The `get_token` command can print a live OAuth access token to stdout, from where it may enter the agent transcript or logs, or be reused outside the intended API call path.
Evidence: `"access_token": token_check["access_token"]`
Recommendation: Avoid returning raw tokens to the agent or user. Keep tokens in local secure storage, perform scoped API calls internally, and redact token values from all command output.

During the authorization window, another device on the same network may be able to reach the callback listener, increasing credential-handling exposure.
The authorization callback server is configured to bind to all network interfaces on non-Windows systems instead of loopback only, even though it handles AK/OAuth callback data.
Evidence: `CALLBACK_BIND_ADDRESS = "127.0.0.1" if _sys.platform == "win32" else "0.0.0.0"`
Recommendation: Bind the callback server to 127.0.0.1 or localhost on all platforms unless there is a documented need for external access, and keep state validation enabled.

If confirmed, the agent can submit activity enrollment data that affects the merchant account.
The skill can perform a write action that enrolls a product in a 1688 marketing activity, but the artifact explicitly requires merchant confirmation before execution.
Evidence: `1688_enroll_submit_item` | Submit activity enrollment (⚠️ write) ... **must only be executed after the merchant confirms the suggested price**; must not be submitted automatically
Recommendation: Before approving submission, verify the activity ID, item ID, SKU list, and prices; do not allow automatic submission without explicit confirmation.

The agent may open a browser authorization page as part of setup.
The skill directs the agent to use browser automation when an authorization URL is returned. This is purpose-aligned for login/authorization, but it is a strong tool-use instruction.
Evidence: Whenever `"action": "browser_use"` appears in the output, the Agent **must immediately** call the `browser_use` tool to open the link in the `url` field
Recommendation: Only proceed with browser authorization when you intentionally requested setup or login, and verify that the URL is an expected 1688/ClawHub authorization page.

A local helper process may keep running briefly after the CLI returns while waiting for authorization.
The skill starts a background callback server for authorization. It is disclosed and time-bounded, so this is a persistence note rather than hidden behavior.
Evidence: The `get_ak` and `authorize` commands **exit immediately** after printing a single JSON line; the callback server keeps running as a separate background process (for at most 300 seconds)
Recommendation: Use this only in trusted sessions and confirm that the helper stops after authorization or timeout.

Basic usage metadata is sent to the skill gateway whenever commands run.
The skill discloses automatic usage reporting to a 1688 skill gateway. The reported fields are described as skill name, version, scene, and channel.
Evidence: Each time a CLI command runs, one invocation record is automatically reported to the skill gateway, used to count skill invocations
Recommendation: Install only if you are comfortable with the disclosed usage reporting, and prefer an opt-out or clearer privacy control if one is available.
