AliMerce 商城助手
PassAudited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill Name: alimerce Version: 0.1.0 The 'alimerce' skill bundle provides a standard set of tools for an e-commerce AI assistant, covering product, order, and user management. The instructions in SKILL.md and alimerce-mcp.md are consistent with the stated purpose and include proactive security guardrails, such as requiring manual approval for high-risk operations (e.g., product deletion) and explicitly instructing the agent to refuse unauthorized administrative role escalations. No evidence of malicious intent, data exfiltration, or suspicious execution patterns was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could make business-impacting changes to catalog, order, or user data without clearly documented approval for every risky write.
The MCP tool catalog includes impactful write operations, but the documented human-review list only covers a subset of those actions.
`product_update` 更新商品 ... `price`, `inventory`, `status`; `user_update` ... `name`, `role`; `order_update` ... `status`; 高风险操作 ... `product_delete`, `order_update` (status → shipped/delivered), `user_update` (role → admin)
Require explicit user or human-admin approval for all create/update/delete operations, especially price, inventory, order status, and user role changes; prefer read-only tools for customer-service workflows.
If the token has broad store privileges, the agent may receive more account authority than users realize from the registry listing.
The skill expects a backend API token, but the registry metadata declares no required environment variables or primary credential, and the token scope is not bounded in the artifacts.
通过环境变量配置:- `ALIMERCE_API_TOKEN` — API 认证 Token - `ALIMERCE_API_URL` — API 地址(默认 http://localhost:3000/api)
Declare the credential requirement in metadata, document the exact permissions needed, and use least-privilege tokens separated by read-only, customer-service, and admin operations.
Users must trust the external AliMerce MCP/API server and its approval enforcement because this package does not provide reviewable implementation code.
The reviewed package contains only instructions, while the behavior depends on external MCP tools/API behavior that is not included for verification.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; No code files present
Install only with a trusted MCP server, review or pin the server implementation separately, and ensure high-risk approvals are enforced server-side rather than only by prompt instructions.
Customer preference or contact data could be retained and reused beyond the immediate conversation if the backend memory is not governed carefully.
The skill intentionally stores customer preferences and contact information for personalization; this is purpose-aligned but persistent customer memory needs clear privacy controls.
客户明确偏好后使用 `customer_preferences_update` 更新 ... 记住常用语言、偏好品类、联系方式等
Collect only explicitly provided preferences, avoid unnecessary contact data, document retention/deletion rules, and allow customers or admins to review and remove stored preferences.