Clawpify
v0.1.0
Query and manage Shopify stores via GraphQL Admin API. Use for products, orders, customers, inventory, discounts, and all Shopify data operations.
⭐ 6· 2.2k·2 current·2 all-time
by @alhwyn
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim full Shopify Admin GraphQL capabilities, but the skill declares no required credentials, no primaryEnv, and no config paths — yet interacting with the Shopify Admin API requires a shop domain and an admin API access token (or equivalent OAuth credentials). The dependency on a 'shopify_graphql' tool is the only mechanism shown to reach Shopify, but its provenance is unspecified. This mismatch between claimed capability and declared required secrets is inconsistent and unexplained.
Instruction Scope
SKILL.md stays within the Shopify GraphQL domain: it provides queries/mutations, error-checking, pagination guidance, and explicit permission rules for destructive operations. It does not instruct reading arbitrary local files or unrelated environment state. However, it does not explain how credentials are supplied to the 'shopify_graphql' tool or how the tool handles requests/responses, which leaves an operational gap that affects security/privacy.
Install Mechanism
There is no install spec and no code files (instruction-only), which is low-risk in isolation. The notable item is the dependency listed: 'Tool: shopify_graphql (from MCP server or custom function)'. That indicates the skill expects either a remote managed component (MCP server) or a locally provided function; the remote option could route store data through an external server. The SKILL.md does not clarify whether traffic stays within the user's environment or is proxied via a third party.
Credentials
No environment variables or credentials are declared, despite the skill requiring access to sensitive store data (products, orders, customers, inventory, refunds, bulk exports). This is disproportionate: at minimum the store domain and an admin API token (or OAuth client/secret) are needed. The absence of declared secrets and the vague external tool both raise the possibility that credentials would be requested or routed at runtime in an ad-hoc way, increasing the risk of credential leakage.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not declare writes to agent/system configuration. Autonomous invocation is allowed (platform default). There is no explicit mechanism in the SKILL.md to persist credentials or modify other skills' settings.
What to consider before installing
This skill appears to be a comprehensive Shopify GraphQL reference and lists many powerful operations (including bulk exports, refunds, inventory adjustments, discount activation, and deletes). Before installing or enabling it, verify these points:
1) Where does the 'shopify_graphql' tool actually run? If it uses an MCP (managed) server, who operates that server and will your shop data (queries/responses) route through it?
2) How will credentials be provided and stored? The SKILL.md does not declare required env vars (e.g., SHOPIFY_STORE_DOMAIN, SHOPIFY_ADMIN_API_TOKEN) — insist on a clear mechanism that keeps credentials local or in a vetted secret store.
3) Confirm explicit confirmation UX for destructive operations (the skill documents permission checks, but you should verify the agent enforces them).
4) Because the references include bulk-export queries and customer data fields, avoid granting broad read/export scopes until you trust the tool’s operator and storage/retention policy.
If the provider cannot answer how the shopify_graphql endpoint is hosted and how credentials are handled, treat the skill as high risk and do not install it.
Like a lobster shell, security has layers — review code before you run it.
