Skillv2.0.1

ClawScan security

Jingdong Shopping · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 21, 2026, 5:54 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and instructions are consistent with a JD.com shopping assistant that uses the platform's browser/session channels for logged-in actions; nothing in the bundle asks for unrelated credentials or installs arbitrary code.
Guidance: This skill is internally consistent for a JD shopping assistant. Before using it, be aware it can perform state-changing actions using your logged-in browser session (add items to cart, apply coupons, fill addresses, generate order previews). It will not complete payment, but it can modify your cart and account-visible state. Only enable it if you trust the skill and the platform channel that supplies your browser session; avoid pasting credentials into the chat and monitor the first few actions it takes. If you prefer read-only assistance, ask the agent to limit itself to search/product pages and not perform logged-in/cart operations.

Review Dimensions

Purpose & Capability: okName/description (JD shopping, price/review/cart workflows) align with the SKILL.md: it describes searching, reviewing, comparing, adding to cart, applying coupons and generating pre-order info. The skill requests no external credentials or binary installs, which is coherent if it uses the agent/platform's browser session for logged-in operations.
Instruction Scope: noteSKILL.md instructs the agent to perform live page inspection and state-changing, logged-in actions (add to cart, apply coupons, fill address, generate order preview). These actions are within the stated purpose, but they involve accessing/using the user's browser session and personal data (addresses) — the document does not ask for separate credentials and relies on platform channels ('openclaw' and 'user'). No instructions reference unrelated files, env vars, or external endpoints.
Install Mechanism: okNo install spec or code files to execute; this is instruction-only. That minimizes risk because nothing is downloaded or written by the skill itself.
Credentials: okThe skill declares no required environment variables or credentials. It does require access to a logged-in browser/session to perform some operations — this is proportional to the capability (adding to cart, applying coupons, viewing orders). There are no unrelated or excessive credential requests.
Persistence & Privilege: okalways is false and the skill is user-invocable. Autonomous invocation (model invocation) is allowed but this is the platform default. The skill does not request elevated persistent privileges or modify other skills/configs.