Single-SKU Store Analysis (单SKU门店分析)

Review audited by ClawScan on May 10, 2026.

Overview

The skill's retail analytics purpose is coherent, but it delegates all API access to an unreviewed local helper that lives outside the package, and it returns raw business data beyond the documented output.

Review this skill before installing. Only use it if you trust the external workspace-front-door/api_client dependency and are authorized to access the store data. Prefer a version that bundles or clearly declares its API client and removes or gates raw API output.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing users cannot verify from the provided package which code actually performs the API calls or how credentials are handled, because that code is not in the package.

Why it was flagged

The skill imports an external helper from a hard-coded path outside the provided file manifest. That helper is not reviewed here but will control API access and may execute code at import time.

Skill content
import sys
# Developer-specific absolute path outside the skill's file manifest
sys.path.insert(0, '/Users/yangguangwei/.openclaw/workspace-front-door')
# Unreviewed helper; anything in api_client.py runs at import time
from api_client import get_copilot_data
Recommendation

Bundle the API client in the skill, declare it as a dependency/config requirement, avoid developer-specific absolute paths, and document the authentication flow.

What this means

The skill may retrieve sensitive retail, inventory, employee contribution, and customer-segmentation metrics using whatever permissions the external API client has.

Why it was flagged

The skill calls backend business analytics APIs for store and SKU data. This is aligned with the stated purpose, but it implies an account or session authority that is not visible in the reviewed code, since authentication happens inside the external helper.

Skill content
# Store- and SKU-scoped BI endpoint; authentication is handled entirely inside get_copilot_data
endpoint = f'/api/v1/store/dashboard/bi/goods/detail?storeId={store_id}&fromDate={from_date}&toDate={to_date}&goodsBaseId={goods_base_id}'
return get_copilot_data(endpoint)
Recommendation

Use only with an account authorized for the relevant store data, and ask the publisher to clearly declare required credentials and permission scope.

What this means

More sensitive store, sales, clerk, VIP, or AIoT details may enter the agent conversation/context than are needed for the visible summary.

Why it was flagged

The code returns the full raw API responses alongside the result, while the documented output covers only structured analysis fields. Raw responses can carry more business or employee data than the user expects, and all of it lands in the agent's context.

Skill content
'raw_data': {
    'goods': goods,
    'performance': performance_data
}
Recommendation

Remove raw_data from default output, make it an explicit debug option, or redact undocumented sensitive fields before returning results.
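The following added example (not the skill's code) shows one way to apply that recommendation: the result is assembled from an allowlist of documented fields, `raw_data` is only attached when the caller passes an explicit `include_raw=True`, and even then person-identifying keys are redacted recursively before the payload is returned. The two sample payloads and their key names (`clerkName`, `phone`, `vipId`, and so on) are constructed stand-ins for the goods-detail and performance responses, not the real API schema.

```python
"""Gate raw API output behind an explicit debug flag and redact it.

Added example for this review; not the skill's code. Payload shapes and
field names below are constructed assumptions, not the real API schema.
"""
from typing import Any

# Constructed sample payloads standing in for the two backend responses.
GOODS = {
    "goodsBaseId": 1001,
    "goodsName": "Sample SKU",
    "salesQty": 42,
    "salesAmount": 1260.0,
    "stockQty": 17,
}
PERFORMANCE = {
    "totalAmount": 1260.0,
    "clerkContribution": [
        {"clerkName": "A. Staff", "phone": "13800000000", "amount": 800.0},
        {"clerkName": "B. Staff", "phone": "13900000000", "amount": 460.0},
    ],
    "vipSegments": [{"vipId": "V-77", "segment": "gold", "amount": 900.0}],
}

# Allowlist: the analysis fields the skill's documentation actually promises.
DOCUMENTED_FIELDS = ("goodsBaseId", "goodsName", "salesQty", "salesAmount", "stockQty")

# Keys that identify people; never leave raw output unredacted.
SENSITIVE_KEYS = {"clerkName", "phone", "vipId"}


def redact(obj: Any) -> Any:
    """Recursively replace the values of sensitive keys in nested dicts/lists."""
    if isinstance(obj, dict):
        return {k: ("[REDACTED]" if k in SENSITIVE_KEYS else redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    return obj


def contains_sensitive_key(obj: Any) -> bool:
    """Check used to verify nothing in SENSITIVE_KEYS survives unredacted."""
    if isinstance(obj, dict):
        return any((k in SENSITIVE_KEYS and v != "[REDACTED]") or contains_sensitive_key(v)
                   for k, v in obj.items())
    if isinstance(obj, list):
        return any(contains_sensitive_key(v) for v in obj)
    return False


def build_result(goods: dict, performance: dict, include_raw: bool = False) -> dict:
    """Assemble the skill result from documented fields only.

    raw_data is attached only when include_raw is explicitly True, and then
    only after redaction, so the default call never leaks undocumented fields.
    """
    result = {k: goods.get(k) for k in DOCUMENTED_FIELDS}
    # Derived analysis values computed from the payload rather than passed through.
    result["totalAmount"] = performance.get("totalAmount")
    result["clerkCount"] = len(performance.get("clerkContribution", []))
    if include_raw:
        result["raw_data"] = {"goods": redact(goods), "performance": redact(performance)}
    return result


if __name__ == "__main__":
    print(build_result(GOODS, PERFORMANCE))
    print(build_result(GOODS, PERFORMANCE, include_raw=True)["raw_data"])
```

With the default call, the clerk phone numbers and VIP identifiers never reach the agent context; with `include_raw=True` the structure of the responses is still visible for debugging, but the identifying values are replaced. Extending `SENSITIVE_KEYS` is the only change needed when the backend adds a new personal field.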