Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ecommerce Bundle

v1.0.0

E-commerce Operations Bundle - an intelligent e-commerce assistant that makes running a shop easier. It integrates four capabilities: competitor monitoring, auto-reply, review management, and product selection analysis. 24-hour online customer service and data-driven product selection. Priced at ¥199 per set.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (competitor monitoring, auto-reply, review management, product research) align with the instructions and the listed subcomponents (spider, browser-automation, wechat-management, qqbot-cron, agent-browser, tavily-search). However the skill does not declare any environment variables or credentials even though connectors for WeChat/QQ/email and shop platforms (Taobao/JD) will realistically require API keys, account cookies or service credentials. Also the README directs users to git clone a GitHub repo and run an install.ps1, which is an out-of-band install step not represented in the registry metadata.
Instruction Scope
SKILL.md stays mostly within e‑commerce tasks (monitoring, replying, analysis), but it instructs installing multiple external sub-skills and editing config files. The README instructs 'git clone https://github.com/clawhub/ecommerce-bundle.git' and to run './install.ps1'—this asks the user to fetch and execute external code. The instructions do not list what sensitive credentials will be read or required at runtime, yet they imply accessing external accounts and scraping merchant platforms, which could require account cookies, API tokens, or other secrets.
Install Mechanism
Registry shows no formal install spec (instruction-only), but README directs cloning a GitHub repo and running an install.ps1 script. Running an external PowerShell install script is high risk because arbitrary code from that repo could execute locally; the registry provides no checksum, official release URL, or verification instructions. The SKILL.md's 'py -m clawhub install ...' calls out to a package manager/CLI which is plausible, but the external git+install.ps1 path is the main red flag.
Credentials
The skill declares no required env vars or primary credential, yet its functionality (WeChat/QQ bots, email alerts, scraping Taobao/JD, auto‑order queries) normally requires multiple credentials/tokens and possibly cookies or proxy credentials. That mismatch—capability implying access to external accounts while declaring no required secrets—reduces transparency and increases risk of hidden credential prompts or ad‑hoc credential collection during setup.
Persistence & Privilege
The skill is not force-included (always:false) and has no install spec in the registry. There's no indication it would modify other skills or system-wide settings from the registry files. The main persistence concern would come from running the external install.ps1 (not included) which could modify the system; that is an out-of-band risk rather than an inherent registry privilege.
What to consider before installing
This skill looks like a plausible e‑commerce assistant, but exercise caution before installing:

1) Do not run install.ps1 or any install script from an unknown repo without inspecting its contents: download the GitHub repo and review the script for unexpected actions.
2) Confirm the GitHub repository and its owner are legitimate, and check the commit history and issues.
3) Expect the skill to need credentials (WeChat/QQ bot tokens, email SMTP/API, shop platform cookies or API keys); only provide those after you trust the code, and preferably from a least-privileged account.
4) If you must test, do so in an isolated environment (VM or sandbox) and limit network access.
5) Ask the publisher for a formal install spec, checksums for any downloads, and a clear list of required environment variables/permissions before proceeding.

Like a lobster shell, security has layers — review code before you run it.

latest · vk973adgaymjm1dnqkmmc1zm6v183n3vg
