ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ShopGeni

v1.0.0

AI-powered shopping assistant. Search for products by text or image, and find the best prices across Amazon, Google Shopping, and brand stores.

0· 82·0 current·0 all-time
byJun Liu@archroad
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The script implements the advertised features (text and image search, price comparison) by POSTing queries and images to a remote unified-shopping SSE endpoint. That capability aligns with the skill description. However the default API host (https://nestor-api.beyondstyle.us) is not documented in SKILL.md as an explicit trust boundary and the skill creates a persistent client identifier under ~/.config/nestor/skill_id, which is additional footprint beyond a pure query helper.
Instruction Scope
SKILL.md instructs invoking the included Python script with local image paths or image URLs and discusses the 'backend' doing searches; that matches the script. The instructions do not call for reading unrelated local files, but the script will read any path passed via --image and upload its bytes to the remote API, so users (or an agent acting on their behalf) could accidentally transmit sensitive files if given improper input.
Install Mechanism
This is an instruction-only skill with a small helper script and no install spec. Nothing is downloaded at install time and no archive extraction occurs.
!
Credentials
No environment credentials are requested, which is proportional. However the script generates and stores a persistent per-installation identifier (~/.config/nestor/skill_id) and sends it in the X-Nst-Sig header with every request; this is a fingerprint that is not documented in SKILL.md. The default API URL is a third-party domain; sending user queries, images, and a persistent ID to that host is a privacy/credentiality concern if you don't trust the operator.
Persistence & Privilege
always:false and no special system privileges are requested. The script does write one small config file in the user's home directory (~/.config/nestor/skill_id) to persist a client id (used for rate-limiting/fingerprinting). This is limited persistence scoped to the user's account, but it is persistent and present on disk.
What to consider before installing
This skill will upload your search text and any local image file you pass to a remote API (default: nestor-api.beyondstyle.us) and it will create a small persistent ID file at ~/.config/nestor/skill_id that is sent with requests. Only install/use it if you trust that remote service and its privacy practices. Before installing: (1) verify the service operator and domain (beyondstyle.us) and their privacy policy; (2) avoid passing sensitive local files as --image; (3) consider overriding --api-url to a trusted endpoint or running the skill in a network-isolated environment; (4) if you need full assurance, open and review scripts/shopgeni.py yourself and remove or sandbox the skill if you are uncomfortable with outbound uploads or the persistent ID file.

Like a lobster shell, security has layers — review code before you run it.

latestvk974hk15x8n4q9emfdgvqracg184hnak

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛍️ Clawdis
OSmacOS · Linux
Binspython3

Comments