Security audit

alphashop-sel-newproduct

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do the AlphaShop product-research work it describes, but it needs review because required API credentials and outbound API use are under-declared and documented inconsistently.

Install only if you trust AlphaShop with your product-research queries and use a dedicated, revocable API key. Prefer OpenClaw secret/env management over plaintext .env files, do not commit credential files, avoid running test.sh with an untrusted .env, and review saved JSON reports for sensitive business data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill declares `primaryEnv: none` and no required environment permissions, yet the documentation clearly indicates use of environment-held API credentials, network access to external endpoints, and file output under `output/`. This mismatch is dangerous because it hides the skill's real capabilities from reviewers and operators, undermining least-privilege controls and informed consent about external data transmission and local artifact creation.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The document first instructs users to configure `ALPHASHOP_ACCESS_KEY` and `ALPHASHOP_SECRET_KEY`, then later states `无需鉴权` ("no authentication required") and that the API is public and needs no token. This contradiction is security-relevant because it can lead operators to mishandle secrets, send credentials unnecessarily, or misunderstand whether the remote service is authenticated, all of which increase the risk of credential exposure and unsafe deployment assumptions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The quickstart instructs users to place long-lived API credentials directly in shell commands, a .env file, and a plaintext OpenClaw config without any warning about shell history, file permissions, accidental commits, or secret rotation. This creates a real risk of credential leakage through terminal history, local filesystem exposure, backups, screenshots, or source control, especially because these keys appear to grant access to a commercial platform API.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Using 'source .env' executes the contents of the local .env file in the current shell rather than merely parsing key-value pairs. If the .env file is modified by an attacker or contains shell metacharacters/commands, running the test script can trigger arbitrary code execution and expose any credentials loaded into the shell.

External Transmission

Medium
Category
Data Exfiltration
Content
| Endpoint | Method | URL | Response time |
|------|------|-----|---------|
| Keyword search API | POST | `https://api.alphashop.cn/opp.selection.keyword.search/1.0` | Within 10 seconds |
| New product report API | POST | `https://api.alphashop.cn/opp.selection.newproduct.report/1.0` | Within 10 seconds |

## Notes
Confidence
79% confidence
Finding
https://api.alphashop.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Endpoint | Method | URL | Response time |
|------|------|-----|---------|
| Keyword search API | POST | `https://api.alphashop.cn/opp.selection.keyword.search/1.0` | Within 10 seconds |
| New product report API | POST | `https://api.alphashop.cn/opp.selection.newproduct.report/1.0` | Within 10 seconds |

## Notes
Confidence
79% confidence
Finding
https://api.alphashop.cn/

Credential Access

High
Category
Privilege Escalation
Content
# Copy the example file
cp .env.example .env

# Edit the .env file and fill in the real credentials
vim .env

# Load the environment variables
Confidence
90% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
cp .env.example .env

# Edit the .env file and fill in the real credentials
vim .env

# Load the environment variables
source .env
Confidence
88% confidence
Finding
.env

VirusTotal

65/65 vendors flagged this skill as clean.