Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mcdonalds-mcp-order-lite

v1.0.0

Place McDonald's China delivery orders through the official MCP server at https://mcp.mcd.cn using a Bearer MCP token over Streamable HTTP / JSON-RPC. Use wh...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name, SKILL.md, and included files (client.py, scripts/mcd_rpc.py, tools.py, nlp_processor.py) consistently implement McDonald's China MCP ordering functionality against https://mcp.mcd.cn. The code provides menu, order creation, pricing, and intent parsing as advertised, so capabilities align with purpose.
Instruction Scope
Runtime instructions in SKILL.md describe the MCP JSON-RPC flow and the required steps (query addresses, calculate-price, create-order, etc.). The code follows that flow and only references network calls to the MCP server and user-provided data (addresses, items, location). There are no instructions to read unrelated system files or exfiltrate data to unknown endpoints.
Install Mechanism
There is no install spec (instruction-only from a packaging perspective), and no remote downloads — low install risk. However, the package includes Python code that depends on libraries (requests, urllib) and OpenClaw runtime APIs (openclaw.skill). Those runtime dependencies are not declared in the registry metadata; the skill will fail or behave unexpectedly if the runtime lacks required libs or the OpenClaw API.
Credentials
The registry metadata lists no required environment variables or primary credential, but client.py and scripts/mcd_rpc.py clearly read MCD_MCP_TOKEN (and optionally MCD_MCP_URL). SKILL.md explicitly instructs use of 'Authorization: Bearer <TOKEN>'. This mismatch is a material incoherence: the skill requires a sensitive token (Bearer token) to function, yet the package metadata does not declare or explain that. No other unrelated credentials are requested, but the omission makes it unclear how the token should be supplied/managed.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide config, and appears to only register tools via openclaw.skill.tool. Autonomous invocation is allowed (platform default) but not combined with other broad privileges. The skill does not write installers or run remote code downloads.
What to consider before installing
This skill implements McDonald's China MCP ordering and will contact https://mcp.mcd.cn using a Bearer token, but the registry metadata omits the required environment variables. Before installing: (1) treat MCD_MCP_TOKEN as a secret — only provide it if you trust the skill source; (2) verify where the package came from (there's no homepage/source URL); (3) consider running the code in a sandbox to confirm network behavior; (4) ensure your environment has required Python deps (requests and OpenClaw runtime) and decide how you'll securely store the token (platform secret store, not plaintext env if possible); (5) if you need higher assurance, ask the publisher to update metadata to declare required env vars and provide a source repo or signed release. If the publisher cannot justify the missing credential declaration or provide a trusted source, treat this package as untrusted.



