Skill v1.0.0

ClawScan security

ecom-price-monitor (cross-border e-commerce price monitoring tool: when a competitor moves, you get an alert within seconds) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 25, 2026, 8:58 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill claims broad, production-ready multi‑platform price monitoring and notifications, but the shipped code contains mocked/stubbed scraping and TODOs and does not implement many of the advertised integrations — not evidently malicious, but internally inconsistent and incomplete.
Guidance
This skill is not obviously malicious, but it overpromises and appears incomplete: many scrapers are mocked and email/webhook delivery is marked TODO. Before installing it or running it with real credentials:
1. Inspect the full src/main.py (the provided view was truncated) to confirm which network endpoints are contacted and whether any secrets are transmitted.
2. Do not put production API keys or SMTP passwords into the shipped config file until the notification and scraping code has been verified; use limited-scope test credentials or environment-isolated accounts.
3. Expect to implement or replace the mocked scrapers with robust, compliant scraping or official APIs, and respect each platform's terms of service.
4. Run the skill in a sandboxed environment and monitor outbound network activity the first time it runs.
5. If you need the advertised platforms (eBay, Shopify, Walmart, Target), verify that those integrations are actually implemented, or be prepared to add them yourself.
For higher assurance, ask the author for a complete changelog and evidence that the advertised integrations are implemented and audited.

Review Dimensions

Purpose & Capability
Concern: The README/SKILL.md advertises many platform integrations (Amazon, eBay, Shopify, Walmart, Target, etc.) and real scraping/notification features, but the implemented PLATFORMS dict and the visible code cover only amazon/taobao/jd/pdd/1688, and several scraping methods are mocked. The documentation mentions API keys and cookies for multiple platforms, yet the repository lacks working API usage for many of those services. This is a capability/purpose mismatch: features are promised that the delivered code does not provide.
Instruction Scope
Concern: Runtime instructions are simple (pip install -r requirements.txt; python src/main.py) and the code reads config/settings.yaml for API keys and notification settings. However, many capabilities described in SKILL.md and the docs (real-time scraping, email/webhook notifications) are not implemented in the visible code, which contains mock scrapers and TODOs for email and webhook delivery. SKILL.md does not ask for secrets as environment variables, but the config file contains many secret fields (API keys, SMTP password, webhook_url) that the program will read if populated. No instruction asks the agent to read unrelated system files or exfiltrate data; the skill's operation does, however, depend on user-provided credentials in the config file.
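One way to carry out step 1 of the Guidance above, and to reproduce the mocked-scraper/TODO finding in the Purpose & Capability and Instruction Scope dimensions, is a static audit of src/main.py. The script below is an added example written for this review; it is not part of the skill and not ClawHub's scanner. It walks the Python AST, lists URL literals and calls into network modules, flags functions whose body is a stub or carries a TODO/mock marker, and reports functions that both make a network call and reference a secret-looking config key. SAMPLE_SOURCE is a constructed stand-in for the truncated file with hypothetical function names, not the skill's real code.

```python
import ast
import re

# Constructed stand-in for a skill's src/main.py (NOT the real ecom-price-monitor code).
SAMPLE_SOURCE = '''\
import requests
import smtplib

PLATFORMS = {"amazon": "https://www.amazon.com/dp/", "jd": "https://item.jd.com/"}

def scrape_amazon(asin, cfg):
    headers = {"x-api-key": cfg["amazon"]["api_key"]}
    return requests.get(PLATFORMS["amazon"] + asin, headers=headers, timeout=10).text

def scrape_ebay(item_id, cfg):
    # TODO: real eBay API call
    return {"price": 0.0, "currency": "USD"}

def send_webhook(payload, cfg):
    requests.post(cfg["webhook_url"], json=payload, timeout=10)

def send_email(message, cfg):
    # TODO: smtplib.SMTP(cfg["smtp"]["host"]).login(cfg["smtp"]["username"], cfg["smtp"]["password"])
    pass
'''

URL_RE = re.compile(r"^https?://", re.I)
# Top-level module names whose calls mean "this function talks to the network".
NETWORK_MODULES = {"requests", "urllib", "smtplib", "socket", "httpx", "aiohttp", "http"}
# Config keys / header names that look like credentials or delivery targets.
SECRET_RE = re.compile(r"api[_-]?key|password|secret|token|cookie|webhook_url", re.I)
STUB_MARKER_RE = re.compile(r"\b(TODO|FIXME|mock\w*|stub\w*)", re.I)


def _dotted_name(node):
    """Return 'requests.get' for a Call's callee, or None if it is not a plain dotted name."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def _is_trivial_body(body):
    """True when a function body is only pass/docstring/... or returns a pure literal (a mock)."""
    real = []
    for stmt in body:
        if isinstance(stmt, ast.Pass):
            continue
        if isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Constant):
            continue  # docstring or bare `...`
        real.append(stmt)
    if not real:
        return True
    if len(real) == 1 and isinstance(real[0], ast.Return) and real[0].value is not None:
        try:
            ast.literal_eval(real[0].value)  # succeeds only for literal-only expressions
            return True
        except (ValueError, TypeError, SyntaxError):
            return False
    return False


def audit(source):
    """Static report: URL literals, network calls per function, stub functions, secrets near network calls."""
    tree = ast.parse(source)
    lines = source.splitlines()
    report = {"urls": set(), "network_calls": [], "stubs": [], "secrets_near_network": []}

    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str) and URL_RE.match(node.value):
            report["urls"].add(node.value)

    for fn in [n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)]:
        calls, secrets = [], set()
        for sub in ast.walk(fn):
            if isinstance(sub, ast.Call):
                name = _dotted_name(sub.func)
                if name and name.split(".")[0] in NETWORK_MODULES:
                    calls.append(name)
            elif isinstance(sub, ast.Constant) and isinstance(sub.value, str) and SECRET_RE.search(sub.value):
                secrets.add(sub.value)
        report["network_calls"].extend((fn.name, name) for name in calls)
        # Coarse heuristic: a secret-looking key read in the same function that makes a network call.
        if calls and secrets:
            report["secrets_near_network"].append((fn.name, sorted(secrets)))
        body_text = "\n".join(lines[fn.lineno - 1:fn.end_lineno])  # includes comments, unlike the AST
        if _is_trivial_body(fn.body) or STUB_MARKER_RE.search(body_text):
            report["stubs"].append(fn.name)

    report["urls"] = sorted(report["urls"])
    return report


if __name__ == "__main__":
    for key, value in audit(SAMPLE_SOURCE).items():
        print(f"{key}: {value}")
```

To run it against the real file, replace SAMPLE_SOURCE with the contents of src/main.py. The secret heuristic is per function, so a key read in one function and handed to a network call in another is missed; that gap is what the dynamic check in step 4 (sandbox plus outbound-traffic monitoring) is for.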
Install Mechanism
OK: No install script and no remote downloads; the install is instruction-only with a requirements.txt (requests, bs4, schedule, pyyaml, pandas). This is a standard Python dependency list with no remote archive downloads or unusual installers.
Credentials
Note: The skill declares no required environment variables, which matches the package metadata. However, config/settings.yaml includes many secret fields (API keys for Amazon/Taobao/JD/PDD, SMTP username/password, webhook_url). These are optional but needed for full functionality; asking users to populate plaintext secrets in the repository config is expected for this kind of tool, but it raises the impact if those credentials are reused elsewhere or stored insecurely. No unrelated platform credentials are requested.
Persistence & Privilege
OK: The manifest's always flag is false, and the skill does not request elevated or persistent platform privileges. It writes logs and exports to disk per its configuration and can send notifications if configured; nothing in the manifest indicates modification of other skills or system-wide configuration.