ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Haresh Cart Management

v1.0.1

Manage shopping cart operations via n8n webhook integration

0· 361·1 current·1 all-time
byHaresh Sainaath S@haresh-sai06

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for haresh-sai06/haresh-cart-management.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Haresh Cart Management" (haresh-sai06/haresh-cart-management) from ClawHub.
Skill page: https://clawhub.ai/haresh-sai06/haresh-cart-management
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install haresh-sai06/haresh-cart-management

ClawHub CLI

Package manager switcher

npx clawhub@latest install haresh-cart-management
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description claim shopping-cart operations via n8n webhooks and the SKILL.md only references calling local n8n webhook endpoints (http://localhost:5678/webhook/...). No unrelated binaries, env vars, or install steps are requested, so required resources are proportionate to the stated purpose.
Instruction Scope
Runtime instructions are limited to extracting product_id/quantity and calling the three localhost webhook endpoints. However, they do not specify how to 'validate product_id exists' or how to 'check current quantity' (e.g., which API or data source to use), which is ambiguous and could lead the agent to probe other services for context. Otherwise the instructions do not direct reading files or exfiltrating data.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded. This is the lowest-risk install profile.
Credentials
No environment variables, credentials, or config paths are requested, which is proportionate for a webhook-based cart skill. The use of localhost endpoints means no external credentials are declared, but those endpoints may rely on local n8n auth which is not described.
Persistence & Privilege
Skill is not always-enabled and does not request persistent privileges or modifications to other skills. Default autonomous invocation is allowed (platform default) but not combined with other concerning flags.
Assessment
This skill looks coherent with its purpose, but it leaves important details unspecified. Before installing: (1) Ensure you actually run n8n at http://localhost:5678 and that the three webhook endpoints exist and are authenticated — otherwise the agent will attempt local HTTP requests that could be abused. (2) Confirm how product_id validation and current-cart checks are implemented (does your n8n workflow perform these checks?), and avoid giving the agent blanket access to external/internal services you don't control. (3) Prefer protecting the webhooks with authentication or a secret token and document expected request/response formats. If you need stronger assurance, run the skill in a sandboxed agent or review/modify the SKILL.md to explicitly call authenticated endpoints and to define where validation and cart-state reads occur.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c6fzd60r2v05b2ng293ck45827q6e
361downloads
0stars
2versions
Updated 19h ago
v1.0.1
MIT-0
Haresh Sainaath S@haresh-sai06
latest
Download

Cart Management Skill

Purpose

Handles all shopping cart operations including adding items, removing items, and updating quantities.

When to Use

  • User wants to add a product to their cart
  • User wants to remove an item from cart
  • User wants to change item quantity

Supported Actions

Add to Cart

  1. Extract product_id from user message
  2. Validate product_id format
  3. Check quantity (default to 1)
  4. Call n8n webhook at http://localhost:5678/webhook/cart-add
  5. Confirm success to user

Remove from Cart

  1. Extract product_id to remove
  2. Check current quantity
  3. If quantity greater than 1, ask user for confirmation
  4. Call n8n webhook at http://localhost:5678/webhook/cart-remove
  5. ALWAYS confirm with user before removing

Update Quantity

  1. Extract product_id and new quantity
  2. Validate quantity is positive integer
  3. Call n8n webhook at http://localhost:5678/webhook/cart-update
  4. Confirm update to user

Safety Rules

  • NEVER allow negative quantities
  • ALWAYS confirm before removing items
  • Validate product_id exists before operations

Comments

Loading comments...