Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shopping Money-Saving Guide

v1.0.3

Shopping money-saving guide; invoked when the user asks about online shopping, shopping, buying things, or getting a good deal.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (shopping coupon aggregator) aligns with the actual behavior: the Python script requests coupon data from an external aggregator, filters categories/coupons, caches results, and prints output. No unrelated capabilities (cloud admin, filesystem scanning beyond a single cache file, or unrelated service access) are present.
Instruction Scope
SKILL.md and the script stay within the shopping/coupon domain. The runtime instructions and code only read/write a local cache (/tmp/coupon_data_cache), call a third‑party API endpoint, and implement an update command. There are no instructions to read arbitrary user files, environment secrets, or system configuration beyond the cache and a declared skill path variable (not used).
Install Mechanism
This is an instruction-only skill with a bundled script and no install spec. Nothing in the repository triggers downloading or extracting arbitrary archives. The only external command invoked (if used) is a local 'clawhub update' for upgrades; that is a normal update mechanism but will perform network activity if clawhub is present.
Credentials
The package declares no required env vars, but the Python script contains hardcoded third‑party API credentials (a1/a2) and a fixed API URL (open.datadex.com.cn). Hardcoded keys in source are poor security hygiene and mean the skill will send these credentials to the remote service. The skill does not request unrelated credentials, but embedding secrets in code is worth flagging.
Persistence & Privilege
The skill is not always-enabled and does not request persistent platform privileges. It does write a cache to /tmp and suggests running an update via 'clawhub', but it does not modify other skills or system settings.
Assessment
This skill appears to do what it claims (fetch and show coupons) and is not trying to access unrelated credentials or system files. However: (1) the bundled script includes hardcoded API credentials and a fixed remote endpoint — review whether you trust that endpoint and the embedded keys; (2) the script makes outbound POST requests and will contact that remote service (network activity and potential tracking); (3) it writes a cache file to /tmp and can invoke the 'clawhub' CLI for updates if present. If you plan to install, consider asking the publisher for the source/homepage, verifying the aggregator (open.datadex.com.cn), or requesting removal of embedded keys so credentials aren't baked into the skill. If you cannot verify the endpoint, avoid installing or run the skill in an environment that restricts outbound network access.

Like a lobster shell, security has layers — review code before you run it.

latestvk973y4vksfnb6fx7jadbrj8x1n839png
