v1.0.8

Order From Whole Foods

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:26 AM.

Analysis

The skill’s grocery-ordering purpose is clear, but it can use a logged-in Amazon/Whole Foods browser session to place purchases automatically under saved policy settings.

Guidance: Review this skill carefully before installing. It is aligned with its stated grocery-ordering purpose, but it can spend money using your logged-in Amazon/Whole Foods session. Prefer review-first mode, require confirmation before buying, set a low maximum automatic spend, and consider using a dedicated browser profile.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High, Confidence: High, Status: Concern
SKILL.md
`purchase_mode: auto_buy` may place the order without confirmation only when ... `confirm_before_buy` is `false` ... the estimated total is less than or equal to `max_auto_spend`

The browser automation workflow is allowed to complete checkout without a final user confirmation when policy conditions are satisfied.

User impact: The agent could place a real grocery order and charge the user’s Amazon/Whole Foods account without asking again for that specific checkout.
Recommendation: Use `purchase_mode: add_to_cart_only` or set `confirm_before_buy: true` unless you are comfortable with automatic purchases; keep `max_auto_spend` low.

Cascading Failures
Severity: Low, Confidence: High, Status: Note
SKILL.md
`calendar_blocking_enabled`: boolean ... Do you want me to automatically add confirmed Whole Foods delivery or pickup windows to your calendar when calendar support is connected?

The skill can propagate a confirmed delivery or pickup selection into a connected calendar, creating a persistent change outside the shopping site.

User impact: If the selected delivery window is wrong, the mistake could also appear on the user’s calendar.
Recommendation: Leave calendar blocking disabled unless you want automatic calendar entries, or review calendar changes after each order.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
Prefer the default OpenClaw browser profile ... Do not ask the user for Whole Foods or Amazon credentials. If login is required, ask the user to log in manually in the OpenClaw browser

The skill relies on an authenticated browser session rather than a scoped credential, giving it practical access to the user’s Amazon/Whole Foods account context during automation.

User impact: A logged-in browser profile may expose saved payment methods, delivery addresses, order history, and account capabilities needed to place orders.
Recommendation: Use a dedicated browser profile for grocery ordering, review the account session before use, and avoid enabling automatic purchase mode unless intended.