Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ecommerce Logistics

v1.0.0

Aggregate logistics information from Taobao, JD, PDD, and Douyin. One-click query for multi-platform order tracking. Supports persistent cookie storage and Q...

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious (view report)
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
The skill's stated purpose is to aggregate logistics information from Taobao, JD, PDD, and Douyin, and the code includes per-platform adapters and a Playwright-based browser to do that, which is coherent. However, SKILL.md and its feature table say JD and Douyin are unsupported because of anti-bot measures, while the repository contains full JD and Douyin adapters and the aggregator queries all four platforms. That documentation-versus-code mismatch could indicate sloppy maintenance or unexpected functionality.
[!] Instruction Scope
Runtime instructions ask the user to run npm install and then run the CLI; the code launches headful or headless browsers, navigates, clicks and scrapes the UI, and persists cookies. Several adapters write debug files (screenshots and full page HTML) to disk; notably, the Douyin adapter saves a screenshot and the page HTML to an absolute path (/Users/charles/.ecommerce-logistics/...). Those debug writes can capture sensitive pages (HTML containing tokens and order details), and because the path is hardcoded to a specific user, the skill will try to write to unexpected locations. SKILL.md claims cookies are "stored encrypted", but the actual cookie encryption and storage implementation (auth-manager) was not included in the truncated listing; verify the encryption yourself and confirm that nothing is sent to third-party endpoints.
Install Mechanism
There is no automated install spec in the registry metadata, but SKILL.md instructs running npm install in scripts/, which installs Playwright. Playwright downloads browser binaries (network activity and large downloads) on install or first run. Dependencies come from npm, and node_modules.lock references registry mirrors; no arbitrary HTTP download or extract install URLs were found. This is expected for a Playwright-based tool, but it increases the installation surface compared to an instruction-only skill.
[!] Credentials
The skill declares no required environment variables (only an optional ECOM_LOGISTICS_DATA_DIR), which is proportionate. However, the code writes cookie and debug files into a home-directory path, and the Douyin adapter contains hardcoded absolute debug paths under /Users/charles/ rather than honoring the dataDir option. That is unexpected: it could leak sensitive HTML and screenshots into a path that may not exist on the user's system, or create files in an attacker-observable location if the username happens to match. No other unrelated credentials are requested in the code or SKILL.md.
Persistence & Privilege
The skill persists cookies and other files to the user's filesystem (~/.ecommerce-logistics by default), which is consistent with its purpose (persistent logins). It does not request always:true. Autonomous invocation is allowed by default (platform behavior), but it is not combined with any extra high privileges here. Still, stored cookies are sensitive and must be protected; verify how auth-manager encrypts them and where the keys are stored.
What to consider before installing
Key things to check before installing or running this skill:
1) Inspect auth-manager.ts to confirm cookies are actually encrypted at rest and to see where the encryption keys are stored. If cookies are plaintext, do not use real accounts.
2) Remove or change the hardcoded debug paths (e.g., /Users/charles/.ecommerce-logistics/...). Those lines save full HTML and screenshots of authenticated pages and may leak sensitive information. Ensure the skill uses the configured data directory (ECOM_LOGISTICS_DATA_DIR or ~/.ecommerce-logistics) rather than absolute user paths.
3) Run it first in an isolated environment (a VM or a throwaway account), because the skill automates browsers, may download browser binaries (Playwright), and will access and hold your session cookies.
4) Verify there is no code that exfiltrates data to external endpoints (search for fetch/XHR calls to third-party hosts in auth-manager and stealth-browser). The provided files show no obvious network exfiltration, but the truncated files include auth-manager and stealth-browser; inspect them.
5) Be aware of site-policy and legal risk: the tool deliberately includes anti-detection/stealth measures to bypass anti-bot checks, which can violate the shopping platforms' terms of service.
6) Note the documentation/code mismatch about JD/Douyin support; expect behavior to differ from the README. If you need only a subset (e.g., PDD/Taobao), consider removing the adapters for unsupported platforms.
If you cannot review the missing files yourself, treat this skill as risky and avoid using real credentials or primary accounts until the above concerns are resolved.



