China Shopping
Security checks across malware telemetry and agentic risk
Overview
This is a self-contained shopping-platform recommender that uses a local Python script and bundled data without requesting credentials, network access, persistence, or file writes.
This skill appears safe for its stated purpose. It runs a local Python script to recommend shopping platforms from bundled data, so review the recommendations as static guidance rather than live price or seller verification.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may execute local Python code from the skill, but the shown code is limited to offline recommendation logic.
The skill asks the agent to run a bundled local Python script. This is disclosed, central to the skill's purpose, and the provided code only reads local bundled JSON data and prints recommendations.
Run `python3 china-shopping.py recommend "<product>"` for the default recommendation flow.
Install only if you are comfortable running the bundled local Python script; no extra credentials or permissions appear necessary.