ClawHub

1688 Procurement Agent

v1.0.0

A comprehensive procurement coaching system designed for global buyers sourcing from 1688.com. Transform from novice to confident importer with practical fra...

0· 161·0 current·0 all-time
by@findhappy7
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (sourcing/procurement from 1688.com) match the SKILL.md content: stepwise guidance, vetting checklists, negotiation playbooks and logistics advice. There are no unrelated requirements (no env vars, binaries, or installs) that would be disproportionate to the stated purpose.
Instruction Scope
Instructions ask the user/agent to collect supplier artifacts (business license scans, videos, screenshots, chat transcripts) and to install browser translation tools for usability. Collecting supplier documents and media is expected for vetting suppliers, but these steps involve handling potentially sensitive documents — the SKILL.md does not provide explicit guidance on protecting or verifying sensitive files beyond basic vetting, so users should be cautious about how and where they store/transmit them.
Install Mechanism
No install spec or code files present; this is instruction-only so nothing will be downloaded or written to disk by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. All recommended data collection pertains to supplier-sourced documents and user inputs (which is proportional to procurement coaching).
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify agent/system configs. Autonomous invocation is allowed by platform default but not combined with other concerning privileges.
Assessment
This skill is a text-only coaching/manual for sourcing on 1688.com and appears internally consistent. Before using: (1) understand it will prompt you to collect supplier documents, videos, and chat screenshots — treat those as potentially sensitive and avoid sharing your own bank credentials or unrelated personal data; (2) verify supplier documents independently (official government/company registries, third-party verification services) rather than trusting only provided files; (3) use secure payment/escrow methods and consider third-party inspection services for product quality; (4) be cautious installing browser extensions suggested by the guide — install only from official stores and review permissions; (5) if you need automatic integrations or file uploads, prefer tools/providers you trust since this skill does not itself provide secure upload or verification code. Overall the skill is coherent, but exercise standard operational security when collecting and transmitting documents.

Like a lobster shell, security has layers — review code before you run it.

latestvk971dwdrmevma3a0ts40kb5gcs837zs4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments