Lemonsqueezy Admin
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is a simple Lemon Squeezy admin helper, but it requires an API key and references an external CLI command that is not included or declared.
Before installing, make sure you trust the `ls-admin` CLI that this skill expects to use and provide only a Lemon Squeezy API key with the minimum access needed to view the store data you want the agent to retrieve.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and using the skill may allow the agent to access Lemon Squeezy store data such as orders, subscriptions, stores, and customer email addresses.
The skill requires a Lemon Squeezy API key, which is purpose-aligned for an admin CLI but represents delegated account access.
requires:
env: ["LEMONSQUEEZY_API_KEY"]Use the least-privileged Lemon Squeezy API key available, rotate it if exposed, and only invoke the skill when you intend the agent to access store data.
The agent may rely on whatever `ls-admin` executable is present in the local environment, so users need to verify the CLI source themselves.
The documented workflow depends on an `ls-admin` command, while the provided artifact set has no install spec or bundled code for that CLI.
ls-admin orders --limit 10
Confirm that `ls-admin` is installed from a trusted source before using this skill, and avoid running it with unnecessary privileges.