Odoo Manager Bm
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is transparent about using Odoo credentials, but it gives the agent broad create/update/delete access to Odoo business data without clear safety limits.
Review this skill before installing. It does not show malicious behavior, but it can make real changes across Odoo if given a powerful account. Use a dedicated least-privilege API key, confirm the target database before every write/delete operation, and avoid using production or administrator credentials unless you have strong safeguards.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed with powerful Odoo credentials, the agent could change or delete customer, sales, project, or other business records after a mistaken or overly broad request.
This grants broad raw API authority to create, read, update, and delete records across arbitrary Odoo models. The artifacts do not clearly bound destructive or bulk actions with approvals, allowlists, rollback, or production safeguards.
Manage Odoo (contacts, any business objects, and metadata) ... Supports generic CRUD operations on any model using execute_kw
Use a least-privilege Odoo user or API key, test against a staging database first, require explicit user confirmation before create/update/delete/bulk operations, and restrict which models the agent may modify.
Using an administrator or broad-access account would give the agent the same broad authority over Odoo.
The credential requirement is purpose-aligned, but the API key inherits the full permissions of the Odoo user supplied to the skill.
The API key gives the **same level of access** as your user. Protect it like a password.
Create a dedicated Odoo integration user with only the models and operations needed, and rotate/revoke the API key if it is exposed.
A later request in the same session could unintentionally reuse the active Odoo database or credential context.
The skill can keep Odoo connection details and secrets in session context. This is disclosed and includes reset instructions, but it is still sensitive session state.
Set `user_*` (url, db, username, api_key/password) - Persist for the whole current session
Reset the Odoo context after sensitive work, avoid pasting admin secrets into chat, and verify the current URL/database before write operations.
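The controls recommended in the findings above (restrict which models the agent may write, confirm every create/update/delete with the target URL and database shown, cap bulk operations, and drop the credential context after sensitive work), as an added example that is not part of the Odoo Manager skill or of ClawScan. It assumes only the documented Odoo external-API signature `execute_kw(db, uid, password_or_api_key, model, method, args, kwargs)`; the class and function names, the host `odoo.example.internal`, the model allowlist and the sample calls are hypothetical and constructed for this illustration.

```python
# Added example (not part of the audited skill or of ClawScan): a guard around
# Odoo's execute_kw implementing the recommendations above. It assumes only the
# documented external-API signature execute_kw(db, uid, password_or_key, model,
# method, args, kwargs); every other name here is hypothetical.
import xmlrpc.client
from collections import namedtuple
from typing import Any, Callable

READ_METHODS = frozenset({"search", "search_read", "read", "search_count", "fields_get"})
WRITE_METHODS = frozenset({"create", "write", "unlink", "copy"})
OdooContext = namedtuple("OdooContext", "url db uid api_key")


class GuardError(Exception):
    """Raised when a call violates policy; nothing is sent to Odoo."""


def xmlrpc_transport(url: str) -> Callable[..., Any]:
    """Real transport against Odoo's /xmlrpc/2/object endpoint (not used offline)."""
    return xmlrpc.client.ServerProxy(f"{url}/xmlrpc/2/object").execute_kw


class GuardedOdoo:
    def __init__(self, transport, expected_url, expected_db, writable_models,
                 confirm: Callable[[str], bool], max_bulk: int = 20):
        self.transport = transport
        self.expected_url, self.expected_db = expected_url, expected_db
        self.writable_models = frozenset(writable_models)
        self.confirm = confirm          # user-facing yes/no prompt
        self.max_bulk = max_bulk
        self.ctx = None                 # credentials live only in this attribute
        self.audit = []

    def set_context(self, url, db, uid, api_key):
        # Refuse any URL/database other than the one this session was set up for.
        if url != self.expected_url or db != self.expected_db:
            raise GuardError(f"refusing {url}/{db}; expected "
                             f"{self.expected_url}/{self.expected_db}")
        self.ctx = OdooContext(url, db, uid, api_key)

    def reset(self):
        # Drop credentials from session state once sensitive work is done.
        self.ctx = None

    def call(self, model, method, args, kwargs=None):
        if self.ctx is None:
            raise GuardError("no active Odoo context; call set_context first")
        if method in READ_METHODS:
            return self._send(model, method, args, kwargs or {})
        if method not in WRITE_METHODS:
            raise GuardError(f"method {method!r} is not allowlisted")
        if model not in self.writable_models:       # per-model write allowlist
            raise GuardError(f"model {model!r} is read-only for this agent")
        first = args[0] if args else []
        count = len(first) if isinstance(first, list) else 1
        if count > self.max_bulk:                   # bulk changes stay with a human
            raise GuardError(f"{method} on {count} records exceeds limit {self.max_bulk}")
        summary = f"{method} {count} record(s) on {model} in {self.ctx.db} at {self.ctx.url}"
        if not self.confirm(summary):               # explicit confirmation per write
            self.audit.append(("refused", summary))
            raise GuardError(f"not confirmed: {summary}")
        self.audit.append(("confirmed", summary))
        return self._send(model, method, args, kwargs or {})

    def _send(self, model, method, args, kwargs):
        c = self.ctx
        return self.transport(c.db, c.uid, c.api_key, model, method, args, kwargs)


def fake_transport(db, uid, key, model, method, args, kwargs):
    """Constructed stand-in for an Odoo server: echoes the call instead of running it."""
    return {"db": db, "model": model, "method": method, "args": args}


def demo():
    """Exercise the guard offline; returns (outcome per scenario, audit trail)."""
    g = GuardedOdoo(fake_transport, "https://odoo.example.internal", "staging",
                    writable_models={"res.partner"}, confirm=lambda s: True, max_bulk=5)
    outcomes = {}
    try:
        g.set_context("https://odoo.example.internal", "production", 2, "key")
    except GuardError:
        outcomes["wrong_db"] = "blocked"
    g.set_context("https://odoo.example.internal", "staging", 2, "key")
    outcomes["read"] = g.call("sale.order", "search_read", [[]], {"limit": 1})["method"]
    scenarios = [("write_partner", "res.partner", "write", [[7], {"phone": "0"}]),
                 ("unlink_sale", "sale.order", "unlink", [[7]]),
                 ("bulk_unlink", "res.partner", "unlink", [list(range(6))])]
    for name, model, method, args in scenarios:
        try:
            g.call(model, method, args)
            outcomes[name] = "sent"
        except GuardError:
            outcomes[name] = "blocked"
    g.reset()
    try:
        g.call("res.partner", "read", [[7]])
        outcomes["after_reset"] = "sent"
    except GuardError:
        outcomes["after_reset"] = "blocked"
    return outcomes, g.audit
```

Against a real instance, `xmlrpc_transport(url)` takes the place of `fake_transport`, and `reset()` is the "reset the Odoo context" step the skill documents. The wrapper only limits what the agent asks for; it does not replace a least-privilege Odoo user, which remains the one control that bounds what the API key can do if the wrapper is bypassed or the session context is reused.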
It may be harder to confirm that the packaged skill exactly matches the registry entry you intended to install.
This embedded metadata differs from the supplied registry metadata for owner, slug, and version, creating a minor provenance/identity ambiguity even though no executable code is present.
"ownerId": "kn76t72fvt18xp6be8mf7t8ae180h70g", "slug": "odoo-manager", "version": "0.0.1"
Verify the publisher/source and expected version before granting Odoo credentials.
