Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Taobao Query

v1.0.0

Query Taobao product prices and information through MCP (Model Context Protocol). Use when the user asks about product prices, searches for items on Taobao,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (Taobao product queries) align with the SKILL.md: it expects a running Taobao MCP server and exposes search, browse, cart and chat operations — these are coherent with the stated purpose. However, the skill permits broad browsing/navigation and reading of cart/order data (sensitive but plausibly needed).
! Instruction Scope
The SKILL.md instructs the agent to connect to an MCP server and use operations that can read page content, browsing history, cart and order details, navigate to arbitrary URLs, and send chat messages. While payments are explicitly forbidden, the agent can still access authenticated Taobao state (orders, carts, browsing history) and open arbitrary URLs — actions that can expose private data or be abused to perform unwanted actions.
Install Mechanism
This is an instruction-only skill (no install spec or code). That lowers disk/execution risk. It does require the user to install/enable the Taobao Desktop client's MCP service — which is expected for its function.
! Credentials
The skill declares no required env vars or credentials, but it instructs the user to set TAOBAO_MCP_URL and examples allow non-localhost addresses. Pointing TAOBAO_MCP_URL to a remote or attacker-controlled host would let that host receive session-level commands and access account data. Even with localhost, the MCP interface can expose authenticated account data (cart, orders, browsing history), which is sensitive and should be limited.
Persistence & Privilege
always:false (no forced install). The skill is callable autonomously by default (disable-model-invocation:false), which is normal for the platform. Autonomous invocation, combined with the ability to access account data and arbitrary MCP endpoints, increases the blast radius; consider restricting autonomous use if you don't trust the skill source.
What to consider before installing
This skill can control a Taobao client via an MCP server and read sensitive, authenticated data (cart, orders, browsing history). Before installing: only use it if you trust the skill source; ensure TAOBAO_MCP_URL is left at the localhost default (http://127.0.0.1:3654/mcp) and do NOT point it to remote or untrusted hosts; consider using a separate/no-payment Taobao account for testing; restrict or disable autonomous invocation if possible; review network/firewall rules so the MCP port is not exposed publicly; and monitor the Taobao account for unexpected activity. If you need stronger assurance, ask the skill author to require/confirm localhost-only MCP use and to document exactly which MCP tool calls will run for each user request.


Tags: latest, mcp, price-comparison, shopping, taobao
