Order From Whole Foods
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is clearly intended to automate Whole Foods ordering, but users should understand that it can use their logged-in Amazon session to place purchases automatically if their saved policy allows it.
Install only if you are comfortable with an agent using your logged-in Amazon/Whole Foods browser session. For the safest first use, set `purchase_mode` to `add_to_cart_only` or set `confirm_before_buy` to `true`, keep `max_auto_spend` low, and verify any connected calendar behavior.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured for auto-buy, the agent may spend money and place a Whole Foods order without asking again for each checkout.
The skill can drive browser checkout and place an order without a final confirmation when the saved policy allows it. This is disclosed and purpose-aligned, but it is a high-impact action.
"purchase_mode": "auto_buy", "confirm_before_buy": false ... `purchase_mode: auto_buy` may place the order without confirmation only when ... the estimated total is less than or equal to `max_auto_spend`
Use `add_to_cart_only` or `confirm_before_buy: true` unless you explicitly want automatic purchases, and set a conservative `max_auto_spend`.
The agent can interact with the logged-in shopping account, including cart, delivery address, payment-backed checkout flow, and past purchase information.
The skill intentionally uses the user's browser session rather than collecting credentials. That is safer than handling passwords directly, but it still lets the agent act through the user's Amazon/Whole Foods account.
Prefer the default OpenClaw browser profile ... Do not ask the user for Whole Foods or Amazon credentials. If login is required, ask the user to log in manually in the OpenClaw browser
Use a dedicated browser profile if possible, stay present during first use, and confirm that the account, address, and payment method shown at checkout are correct.
Incorrect saved settings or stale past-purchase assumptions could lead to unwanted item choices or automatic checkout within the configured policy.
The skill uses persistent configuration and account purchase history to guide item selection and checkout behavior. This is useful for grocery ordering, but persistent preferences and past purchases can strongly affect future actions.
Treat the user's saved config as policy, not as a suggestion ... Start at that storefront URL and look for the user's past purchases / buy-again / previous Whole Foods items before using live search.
Review the saved OpenClaw config periodically and check early orders carefully so the policy and item preferences match your intent.
Confirmed delivery or pickup windows may be added to your calendar automatically if calendar support is connected and enabled.
The skill can propagate a completed order into a connected calendar when enabled. This is disclosed and related to delivery coordination, but it mutates another account/service.
`calendar_blocking_enabled`: boolean ... Do you want me to automatically add confirmed Whole Foods delivery or pickup windows to your calendar when calendar support is connected?
Enable calendar blocking only if you want these events created automatically, and verify which calendar account is connected.
