xianyu-automation-skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is clearly intended to automate a Xianyu store, but it asks for high-impact store/account authority while its advertised safety limits are not visibly enforced in the included code.
Install only if you are comfortable giving an agent authority over real Xianyu store operations. Start with semi-automatic mode, verify the dependent Xianyu API/client skills, require confirmation for writes, use a dedicated low-permission API key, and do not rely on the advertised safety caps until they are confirmed in code.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked repeatedly or without the dependent safeguards working as expected, the agent could create or change store listings in ways that affect sales, reputation, or platform compliance.
The included automation method delegates batch product creation to the external product-manager component without a local confirmation check, daily-count update, or visible cap enforcement in this file. Product creation affects a public store and business account.
def auto_create_ai_service_matrix(self) -> Dict[str, Any]:
    ...
    results = self.product_manager.create_batch_products(service_types, price_tiers)
Use only in semi-automatic mode at first, require explicit approval for every write action, and verify the dependent product-manager skill enforces confirmations and batch limits before enabling automation.
A user may trust the skill to self-limit high-impact automated store operations even though those specific limits are not evident in the supplied code.
The documentation claims code-enforced caps and counter-based rejection, but the provided implementation initializes `_daily_count` without using it and does not check `MAX_BATCH_REFRESH` in the refresh loop. This overstates the visible safety controls.
Automation Safety Limits (Code-Enforced) ... Daily product creation cap ... the skill tracks a `_daily_count` counter and rejects creation requests beyond this limit. ... Batch refresh cap ... prevents runaway refresh operations.
Treat the safety-limit claims as unverified unless the publisher provides code that enforces the daily creation counter, batch refresh cap, and confirmation behavior.
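The two findings above (batch creation delegated without a local check, and a `_daily_count` that is initialized but never consulted) are the same gap: the caps live in the documentation, not on the write path. The following added example, which is not code from the skill or its publisher, shows what locally enforced caps look like: a guard that rolls the counter over per day, refuses a batch that would exceed the daily cap before delegating, asks a deny-by-default confirmation callback, and checks `MAX_BATCH_REFRESH` before the refresh loop runs. The cap values, the `CreationGuard` and `refresh_batch` names and the in-memory "product manager" are assumptions constructed for the example.

```python
from datetime import date, timedelta
from typing import Callable, Dict, List, Sequence

# Cap values are assumed for this example. SKILL.md names MAX_BATCH_REFRESH,
# but the reviewed artifact does not show it being checked anywhere.
MAX_DAILY_CREATIONS = 20
MAX_BATCH_REFRESH = 50


class SafetyLimitExceeded(RuntimeError):
    """Raised before any write when a request would exceed a configured cap."""


class CreationGuard:
    """Wraps product creation so the counter, the daily cap and the
    confirmation prompt are enforced locally, before delegation."""

    def __init__(self, confirm: Callable[[str], bool],
                 max_daily: int = MAX_DAILY_CREATIONS,
                 today: Callable[[], date] = date.today) -> None:
        self.confirm = confirm          # prompt callback; False means "do not write"
        self.max_daily = max_daily
        self._today = today             # injectable clock, so day rollover is testable
        self._daily_count = 0
        self._count_day = today()

    def _roll_day(self) -> None:
        now = self._today()
        if now != self._count_day:
            self._count_day, self._daily_count = now, 0

    def remaining_today(self) -> int:
        self._roll_day()
        return self.max_daily - self._daily_count

    def create_batch(self, items: Sequence[str],
                     creator: Callable[[Sequence[str]], List[str]]) -> List[str]:
        if len(items) > self.remaining_today():
            raise SafetyLimitExceeded(
                f"{len(items)} creations requested, {self.remaining_today()} left today")
        prompt = (f"Create {len(items)} listings? "
                  f"({self._daily_count}/{self.max_daily} used today)")
        if not self.confirm(prompt):
            return []                   # refused: nothing is written
        # Reserve the budget before delegating: a failed or partial call still
        # consumes it, which errs on the side of fewer writes.
        self._daily_count += len(items)
        return creator(items)


def refresh_batch(item_ids: Sequence[str], refresher: Callable[[str], bool],
                  max_batch: int = MAX_BATCH_REFRESH) -> List[bool]:
    """Batch refresh with the cap checked before the loop runs, not inside it."""
    if len(item_ids) > max_batch:
        raise SafetyLimitExceeded(f"{len(item_ids)} refreshes exceed cap of {max_batch}")
    return [refresher(item_id) for item_id in item_ids]


def run_demo() -> Dict[str, object]:
    """Exercise the guard against a constructed in-memory 'product manager'."""
    created: List[List[str]] = []       # records every write the fake manager saw

    def fake_creator(items: Sequence[str]) -> List[str]:
        created.append(list(items))
        return [f"id-{item}" for item in items]

    clock = [date(2024, 1, 1)]          # constructed clock for the demo
    guard = CreationGuard(confirm=lambda _msg: True, max_daily=3, today=lambda: clock[0])
    out: Dict[str, object] = {}
    out["first_batch"] = guard.create_batch(["a", "b"], fake_creator)
    out["remaining_after_first"] = guard.remaining_today()
    try:
        guard.create_batch(["c", "d"], fake_creator)   # 2 requested, 1 left
        out["second_batch_blocked"] = False
    except SafetyLimitExceeded:
        out["second_batch_blocked"] = True
    clock[0] += timedelta(days=1)       # counter resets on a new day
    out["remaining_next_day"] = guard.remaining_today()
    denying = CreationGuard(confirm=lambda _msg: False, max_daily=3, today=lambda: clock[0])
    out["refused_batch"] = denying.create_batch(["e"], fake_creator)
    out["writes_seen"] = created
    try:
        refresh_batch(["x", "y", "z"], lambda _i: True, max_batch=2)
        out["refresh_blocked"] = False
    except SafetyLimitExceeded:
        out["refresh_blocked"] = True
    out["refresh_ok"] = refresh_batch(["x", "y"], lambda _i: True, max_batch=2)
    return out


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The point of the design is that the blocked batch and the refused batch never reach the creator: `writes_seen` contains only the first, confirmed batch. A reviewer checking a publisher's claim of "code-enforced" caps should be able to find the equivalent of `remaining_today()` and `confirm(...)` on every write path.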
If this calculated price is later applied to listings, it could cause larger-than-expected price reductions or increases and directly affect revenue.
The configuration suggests a ±10% price adjustment range, but the pricing logic can return a price far below the base price when competitor prices are much lower. This conflicts with the documentation claim that the range prevents extreme price changes.
'price_adjustment_range': 0.1
...
if avg_competitor_price < base_price * (1 - self.config['price_adjustment_range']):
    return int(avg_competitor_price * 0.95)
Require a hard clamp around the configured price-adjustment range before any price is applied to a real listing or order.
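To make the finding concrete, the following added example (not code from the skill) reproduces the shape of the excerpted pricing branch and then puts the recommended hard clamp in front of it. With a base price of 1000 and a competitor average of 400, the unclamped branch returns 380, a 62% cut, while the configured range of 0.1 promises at most 900 to 1100. The `recommend_price`, `clamp_to_range` and `PriceDecision` names, and the competitor figures, are constructed for this example.

```python
from dataclasses import dataclass
from typing import Sequence


@dataclass(frozen=True)
class PriceDecision:
    price: int      # the price that is safe to apply to a listing
    raw: int        # what the unclamped logic wanted
    clamped: bool   # True when the clamp overrode the raw recommendation


def recommend_price_unclamped(base_price: int, competitor_prices: Sequence[int],
                              adjustment_range: float = 0.1) -> int:
    """Same shape as the excerpted logic: undercut the competitor average by 5%
    whenever that average sits below the configured range. Nothing bounds the
    result, so a very low competitor average produces a very low price."""
    if not competitor_prices:
        return base_price
    avg_competitor_price = sum(competitor_prices) / len(competitor_prices)
    if avg_competitor_price < base_price * (1 - adjustment_range):
        return int(avg_competitor_price * 0.95)
    return base_price


def clamp_to_range(base_price: int, candidate: int, adjustment_range: float) -> int:
    """Hard clamp: the result never leaves [base*(1-r), base*(1+r)], whatever
    the candidate. This is what 'the range prevents extreme changes' requires."""
    if not 0 <= adjustment_range < 1:
        raise ValueError("adjustment_range must be in [0, 1)")
    floor = int(round(base_price * (1 - adjustment_range)))
    ceiling = int(round(base_price * (1 + adjustment_range)))
    return max(floor, min(ceiling, candidate))


def recommend_price(base_price: int, competitor_prices: Sequence[int],
                    adjustment_range: float = 0.1) -> PriceDecision:
    """Run the existing recommendation, then clamp before anything is applied.
    The caller can log or alert on `clamped` to see how often the raw logic
    would have left the configured band."""
    raw = recommend_price_unclamped(base_price, competitor_prices, adjustment_range)
    price = clamp_to_range(base_price, raw, adjustment_range)
    return PriceDecision(price=price, raw=raw, clamped=price != raw)


if __name__ == "__main__":
    # Constructed figures: base price 1000, competitors far below it.
    print(recommend_price_unclamped(1000, [300, 400, 500]))   # 380
    print(recommend_price(1000, [300, 400, 500]))             # price=900, clamped
    print(recommend_price(1000, [950, 970]))                  # price=1000, not clamped
```

The clamp is deliberately applied at the boundary where a price becomes real, not inside the recommendation heuristic, so any future change to the heuristic stays inside the configured band; the `clamped` flag gives the operator a signal that the heuristic and the band disagree.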
Anyone or any agent using these credentials may be able to perform real store operations depending on the permissions granted to the Xianyu application.
The skill requires Xianyu API credentials and describes full API permissions. This is expected for store automation, but it is sensitive delegated account authority.
A valid Xianyu Manager (闲鱼管家) developer account: includes full API permissions ... requires: env: - XIAN_YU_APP_KEY - XIAN_YU_APP_SECRET
Use a dedicated low-permission Xianyu application key, store secrets in a secret manager or environment variables, and rotate/revoke credentials if you stop using the skill.
The real credential handling, confirmation prompts, endpoint allowlists, and write behavior depend on components not reviewed here.
The code relies on external Xianyu client and product-manager components. Those dependencies are disclosed in SKILL.md, but their code and installation provenance are not included in this artifact set.
from xianyu_api_client_skill import XianYuAPIClient
from xianyu_product_manager_skill import XianYuProductManager
Review and pin the dependent skills/packages before enabling this skill, especially because they perform the actual API writes.
A long-running or silent agent could continue making store decisions without the user noticing problems quickly.
The documentation promotes unattended, continuous, and optionally silent operation. That is aligned with an automation skill, but it increases risk when paired with account mutations.
Implements a truly "unattended" operating mode ... Real-time monitoring: monitors new order status 24x7 ... No notifications (fully silent operation)
Keep notifications enabled, set explicit stop conditions and operating windows, and avoid fully silent mode for any workflow that can modify listings, orders, prices, or shipping.
