Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gurkerl
v1.1.1
Gurkerl.at grocery shopping via MCP - search products, manage cart, orders, recipes, favorites.
⭐ 3 · 1.9k · 0 current · 0 all-time
by Florian Beer @florianbeer
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description (Gurkerl MCP grocery actions) match the runtime instructions: the skill uses HTTP calls (curl/jq) and account credentials to search products, manage cart/orders, etc. Requiring an account email/password is plausible for this purpose. However the registry metadata claims no required env vars or config paths while SKILL.md explicitly requires GURKERL_EMAIL and GURKERL_PASS and suggests storing them in a systemd drop-in file — this inconsistency is notable.
Instruction Scope
SKILL.md contains detailed CLI-style instructions and lists many API-like tools (search, cart, checkout, support email). The instructions ask you to export your Gurkerl email/password and even show how to persist them in a systemd user drop-in file. Persisting cleartext account credentials and enabling actions such as 'email_support_on_user_behalf' increase the scope of what the skill can do with your account; the skill does not instruct reading unrelated system files, but it does direct writing credentials to a user-level system path which is beyond a minimal runtime scope.
Install Mechanism
No install spec and no code files — instruction-only. That minimizes supply-chain risk (nothing is downloaded or written by an installer). It does require curl and jq to exist on PATH, which is reasonable for a CLI wrapper that performs REST calls and JSON parsing.
Credentials
The skill needs account credentials (GURKERL_EMAIL, GURKERL_PASS) which is proportionate to interacting with a user account, but the registry metadata does not declare these env vars while SKILL.md does — an inconsistency that reduces transparency. The instructions also recommend persisting the password in a systemd service drop-in file (~/.config/systemd/user/.../gurkerl.conf), which stores secrets in a file that may be readable by processes with access to your user config — this is a security/privacy risk and not strictly necessary for a simple CLI usage model.
Persistence & Privilege
The skill is not force-enabled (always:false) and is user-invocable. However SKILL.md explicitly suggests making credentials persistent by writing them into a systemd user drop-in file. That gives long-lived access to the account from the environment where the agent runs; it increases persistence risk if you enable it. The skill does not request elevated system privileges or modify other skills' configs.
What to consider before installing
This skill looks coherent with its stated purpose (it uses your Gurkerl account to manage shopping), but there are two practical concerns you should consider before installing:
(1) SKILL.md requires your Gurkerl email and password even though the registry metadata doesn't declare them. Ask the publisher to clarify and preferably use an API token if available.
(2) Do not store your password in persistent files unless you understand the risk. Avoid adding credentials to a systemd drop-in in cleartext; instead export them for a single session or create a dedicated low-privilege test account.
Also confirm what 'email_support_on_user_behalf' and other actions do (which endpoints they call and whether they forward data externally). If you don't trust the unknown source, test with a throwaway account or request the skill's origin/source code before use.
Like a lobster shell, security has layers: review code before you run it.
latest: vk972ja2mkb4285ze51wn6dstgn83x43d
Runtime requirements
🥒 Clawdis
Bins: curl, jq
Environment variables
GURKERL_EMAIL (required)
GURKERL_PASS (required)