taobao-shopping

Security checks across malware telemetry and agentic risk

Overview

This Taobao shopping skill is coherent, but it uses a logged-in browser session and can change the user's cart without a clear confirmation requirement.

Install only if you trust the OpenCLI package and browser bridge extension with your Taobao login. Use a separate Chrome profile or secondary account where possible, prefer dry-run before cart actions, and require the agent to confirm the exact item and specification before changing your cart.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description triggers on very broad shopping-related phrases such as 淘宝购物 (Taobao shopping), 查找商品 (find products), 查看购物车 (view cart), 比价 (compare prices), and 加入购物车 (add to cart). Because the skill includes both read-only and state-changing capabilities, an overly broad trigger increases the chance that the agent invokes a Taobao session against the user's logged-in account without sufficiently explicit intent, especially for cart access or add-cart actions.

Missing User Warnings

Medium
Confidence: 94%
Finding
The add-cart command performs a state-changing action on the user's logged-in Taobao account, but the skill text does not present a prominent warning that this modifies account data or that agents must obtain explicit user confirmation first. In an agent setting, this can lead to unintended cart manipulation, especially since the skill also supports automatic spec selection when none is provided.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill relies on Chrome being logged into Taobao and explicitly states that all commands depend on Cookie authentication, but it does not include a clear privacy/security warning that commands will access data from the user's authenticated session. This makes the context more dangerous because search, detail, cart, and add-cart operate with live account privileges and may expose or modify personal shopping data if invoked unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.
