ClawHub

Amazon Opportunity Discoverer

v1.0.1

Automated product opportunity scanner for Amazon sellers. Scans categories using 14 preset selection strategies, validates candidates with real-time data, br...

0· 98·0 current·0 all-time
by@apiclaw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (Amazon opportunity scanner) matches the provided script and SKILL.md which call APIClaw endpoints; the only required credential is APICLAW_API_KEY which is appropriate for the declared API usage.
Instruction Scope
SKILL.md restricts actions to calling APIClaw endpoints and running the included script; instructions do not request unrelated files or system credentials. Minor scope note: the script will also look for a local config.json beside scripts/ as an alternative source for the API key (documented in code), so credential placement can be either env var or that skill-local file.
Install Mechanism
No install spec or external downloads; this is an instruction-only skill with an included Python script. There is no remote install or archive extraction that would increase risk.
Credentials
Only APICLAW_API_KEY is required and is the expected credential for the declared API. Caveat: the script supports reading an api_key from a config.json in the skill directory, which could expose the key if stored in a shared location—use the environment variable for least exposure.
Persistence & Privilege
always:false and default autonomy settings are used. The skill does not request persistent system-wide privileges or modify other skills; it only reads its own local config path (optional).
Assessment
This skill appears coherent with its purpose: it needs only APICLAW_API_KEY and calls the APIClaw endpoints described. Before installing, verify you trust the source (review the repo/homepage), supply the API key via an environment variable rather than dropping it into a shared config.json in the skill directory, and be aware the included Python script will make network calls to https://api.apiclaw.io. If you want extra assurance, inspect the full scripts/apiclaw.py file for any unexpected endpoints or logging/transmission of your key, and consider creating a limited/monitoring API key (or usage alerts) on apiclaw.io to detect unexpected usage.

Like a lobster shell, security has layers — review code before you run it.

latestvk974yc6tg1hrd1q7d7q8pb601n84s3qa

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvAPICLAW_API_KEY
Primary envAPICLAW_API_KEY

Comments