Gurkerl
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: gurkerl
Version: 1.1.1

The skill manages sensitive grocery account credentials (GURKERL_EMAIL, GURKERL_PASS) and provides tools for financial transactions like 'submit_checkout' and 'submit_credit_compensation'. It includes high-risk capabilities such as 'get_url_content' (potential SSRF/exfiltration) and 'email_support_on_user_behalf', which are unusually broad for a grocery shopping integration. These tools are contextually framed as customer support features, and the documentation (SKILL.md) shows no clear evidence of malicious intent, but the lack of implementation code and the requirement for plaintext credentials in environment variables create a significant attack surface.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent with these credentials could place, repeat, cancel, or alter real grocery orders if invoked incorrectly.
These documented tools can spend money or materially change a user's grocery account, but the skill does not document required confirmation, spending limits, or review steps before invocation.
`update_payment_method_checkout` | Change payment method ... `submit_checkout` | Submit the order ... `repeat_order` | Reorder ... `cancel_order` | Cancel upcoming order
Require an explicit user approval step before checkout, payment, reorder, cancellation, or support/claim actions, including a final cart total, delivery slot, payment method, and order-change summary.
Anyone or any process that can read those environment values may be able to access the Gurkerl account through the skill.
The skill requires the user's full Gurkerl login credentials and suggests persisting them locally for ongoing gateway access. This is purpose-aligned for account shopping, but it is sensitive account authority.
export GURKERL_EMAIL="your@email.com"
export GURKERL_PASS="your-password"
For persistent access, add to `~/.config/systemd/user/openclaw-gateway.service.d/gurkerl.conf`
Prefer OAuth or a limited token if available; otherwise store the password with restrictive file permissions, avoid persistence unless needed, and rotate the password if the host may be exposed.
Users must rely on the documented instructions and should verify they are connecting to the intended official Gurkerl MCP service.
Because no runnable code or install configuration is supplied, the review cannot verify the actual `gurkerl` command, MCP endpoint, or helper behavior from these artifacts.
No install spec — this is an instruction-only skill. No code files present — this is an instruction-only skill.
Before use, verify the MCP server URL against Gurkerl's official documentation and avoid adding unreviewed helper scripts or modified endpoints.
