Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Shopify Directory
v1.0.0
Discover Shopify merchants by category or store name through Lobster Stores. Use when a buyer wants help finding the right merchant for coffee, cookies, supp...
by Adolfo Builes (@abuiles)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name and description match the instructions: the skill only maps buyer intents to a fixed list of Lobster category domains and tells the agent to read those category site skill.md files. No unrelated binaries, credentials, or installs are requested.
Instruction Scope
The SKILL.md explicitly instructs the agent to re-fetch and treat remote https://<domain>/skill.md files from the listed Lobster domains as the source of truth and follow their instructions. That is coherent with a directory-style skill, but it means the agent will dynamically execute behavior driven by external text — a supply-chain/execution risk because those remote files could change or contain instructions that go beyond discovery (including asking for data or directing network actions).
Install Mechanism
Instruction-only skill with no install spec, no code files, and no downloads. Nothing is written to disk by the skill package itself.
Credentials
No environment variables, credentials, or config paths are requested. The lack of requested secrets is proportionate to the described directory/discovery function.
Persistence & Privilege
always:false and no claims of modifying other skills or persistent agent configuration. The skill does permit autonomous invocation (platform default) but does not request elevated persistence.
Assessment
This skill is internally consistent and doesn't ask for secrets or install code, but it delegates behavior to external skill.md files on the listed Lobster domains. Before installing, consider whether you trust those domains and the platform's safeguards: remote skill.md content can change and could instruct the agent to perform actions you wouldn't expect. Recommended mitigations: (1) restrict the agent from fetching arbitrary external instructions or require user approval before following external instructions; (2) review the actual content of the listed category skill.md pages to ensure they don't request credentials or ask the agent to transmit user data; (3) ensure the agent never collects payment details in-chat and always hands checkout to the merchant's native Shopify checkout as instructed. If you need higher assurance, request that the skill be converted to a static directory (embedded data) or that the platform sandbox/whitelist remote skill.md sources.
Like a lobster shell, security has layers — review code before you run it.
