Skill v1.0.0

ClawScan security

taobao-shopping · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 15, 2026, 11:20 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior (browser automation using your logged-in Taobao cookies and an unpacked Chrome extension plus a global npm package) is coherent with a Taobao shopping assistant, but the SKILL.md omits the provenance of the required browser bridge extension and relies on a third-party global npm package — both of which are moderate-risk, unexplained elements you should verify before installing.
Guidance
This skill works by automating your Chrome session and requires installing a global npm CLI (@jackwener/opencli) and loading a browser extension that can access Taobao cookies. Before using it: (1) verify the npm package and its source (GitHub repo, maintainer, recent activity, read install scripts); (2) locate and inspect the Browser Bridge extension code or confirm it comes from the npm package or an official repo — do not load an unpacked extension of unknown origin; (3) prefer testing in a secondary Chrome profile with only a low-value Taobao account to limit exposure; (4) use the --dry-run option and avoid giving this tool credentials beyond your normal browser login; (5) if you cannot find the bridge extension source or a trustworthy package repo, do not install or load the extension. These checks will reduce risk from accidental credential exposure or unwanted account actions.

Review Dimensions

Purpose & Capability
ok: The name/description (search/detail/add-cart/cart/reviews on Taobao) match the runtime instructions. The declared requirements (Chrome logged-in session, OpenCLI) are consistent with browser-driven automation for this purpose, and there are no unrelated env vars or credentials requested.
Instruction Scope
concern: Instructions require loading an 'OpenCLI Browser Bridge' as an unpacked Chrome extension (load the 'extension/' directory) and rely on cookie authentication from a logged-in Taobao Chrome profile. The SKILL.md does not include the extension files or a clear link to their origin, nor does it explicitly describe what the extension can access or transmit. Because the extension and the browser cookies are sensitive (they can enable account access and actions like add-to-cart), this missing provenance is a material concern.
Install Mechanism
note: There is no formal install spec in the skill bundle, but the README instructs users to 'npm install -g @jackwener/opencli'. Installing a global npm package is a normal route for CLI tools but carries standard registry risks (a package can run arbitrary install-time scripts). The skill gives no pointer to verify the package source (repository or checksum) or to obtain the browser extension artifacts safely.
Credentials
note: No environment variables or external credentials are requested, which is appropriate. However, the skill explicitly depends on the user's logged-in Chrome session and cookies for authentication — a proportionate but high-sensitivity requirement. Users should be aware that any extension or automation that can access their cookies can act as the logged-in user.
Persistence & Privilege
ok: The skill is not always-enabled, has no install-time cross-skill configuration changes, and does not request elevated platform privileges in the metadata. It does instruct the user to add a Chrome extension and install a global npm package; those are local persistence/privilege actions but are limited to the user's machine and consistent with the stated feature set.