Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ecommerce Manager Claw
v1.0.1
Manage ecommerce store backends in real time via their APIs. Use this skill whenever the user mentions their online store, shop, or ecommerce platform — even...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill claims to manage ecommerce backends and its references and credential lists map directly to Shopify, WooCommerce, BigCommerce, Wix, PrestaShop, Magento, Amazon SP-API, Etsy, and Shopware APIs — the requested tokens/keys are what those platforms require.
Instruction Scope
SKILL.md instructs the agent to always ask for platform credentials and to 'always use this skill when the user mentions their store', which is overly broad. It tells the agent to collect long-lived admin tokens/secrets via conversation and reassures users that 'these are only used for this session and are never stored anywhere' — a claim the skill cannot enforce or prove. There is no secure input or OAuth redirect flow described, no logging/privacy guidance, and no mechanism shown to prevent credentials from being echoed, logged, or exfiltrated.
Install Mechanism
Instruction-only skill with no install, no binaries, and no downloaded code — lowest install risk.
Credentials
Although the exact credentials requested (admin API tokens, client secrets, refresh tokens) are proportional to the task, the skill asks the user to paste these high-privilege secrets directly into the conversation. No limits are suggested (e.g., read-only scopes, ephemeral tokens), and there are no secure-handling instructions beyond an unverifiable reassurance.
Persistence & Privilege
The skill itself is not marked always:true and has no install persistence, but its runtime instructions encourage active credential collection whenever a store is mentioned. Combined with normal autonomous invocation, this could lead to the agent prompting for secrets without a clear secure channel or user expectation. The skill does not describe whether it can store tokens, how long it will keep them, or whether logs will contain them.
What to consider before installing
This skill appears to do what it says, but it asks users to provide admin API tokens, client secrets, and refresh tokens directly in chat — which is risky. Before enabling/installing:
1) Do not paste owner-level credentials into a chat window; instead prefer OAuth or short-lived / least-privilege tokens.
2) Ask the skill author how credentials are transmitted, stored, and logged (searchable logs, telemetry, retention).
3) If you must test, create a throwaway store or use a read-only or limited-permission API key and revoke it afterward.
4) Consider disabling autonomous invocation (or require explicit user consent) so it won't prompt for secrets whenever your store is mentioned.
5) Prefer skills that implement a secure OAuth redirect flow or use platform-native app integrations rather than asking users to paste secrets into free-form chat.
If the author cannot justify secure handling and ephemeral/least-privilege tokens, treat the skill as unsafe to use with production credentials.
Like a lobster shell, security has layers — review code before you run it.
latest: vk972bng91s60mk789xdv1pn14983a024
