Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

myskill

v1.0.1

Provides daily Shopify sales summaries, low stock alerts, and competitor price tracking using your Shopify API key.

by Nubra Valley (@jamod)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The declared purpose (Shopify sales summaries, low-stock alerts, competitor price tracking) is reasonable, but the package metadata and manifest do not declare the credentials or services (Shopify API key, SMTP/Telegram tokens, competitor tracking endpoints) that would be needed. skill.json names the skill 'EcomMonitor' while the top-level name is 'myskill', and README/CHANGELOG claim 'no persistence' while SKILL.md explicitly says the agent 'Sets cron job'—these inconsistencies reduce confidence that requested capabilities align with what's required.
Instruction Scope (flagged)
SKILL.md is very short and vague: it instructs the agent to fetch sales data, send reports, and set a cron job. It references sending alerts via Telegram/email and competitor price tracking but gives no concrete endpoints, no guidance on required tokens/SMTP config, and no constraints on what files or system state the agent may modify. The instruction 'Sets cron job' directs persistent system modification which is outside the stated 'no persistence' claim.
Install Mechanism
There is no install spec and no code files (instruction-only). That minimizes risk from arbitrary binaries or downloads. The lack of an install step is consistent with being an instruction-only skill, though it shifts risk to whatever the agent runtime will do when following the instructions.
Credentials (flagged)
The SKILL.md says 'Setup needed: Shopify API key' and mentions email/Telegram alerts, but the registry metadata shows no required environment variables or primary credential. For alerting and competitor tracking the agent would typically need additional credentials or configuration (SMTP credentials, TELEGRAM_BOT_TOKEN or webhook, competitor API keys). The absence of declared env vars is disproportionate and unexplained.
Persistence & Privilege (flagged)
The README asserts 'No persistence' but SKILL.md's example flow includes 'Sets cron job' (creating scheduled, persistent behavior on the host). Even though always:false is set and autonomous invocation is normal, instructions that create cron jobs imply modifying system state and establishing persistence without declaring that requirement or asking for elevated permissions.
What to consider before installing
This skill contains several contradictions and vague instructions. Before installing or providing credentials:
1) Ask the author to clarify and update SKILL.md and metadata to explicitly list required environment variables (Shopify API key, SMTP/Telegram credentials, any competitor API keys) and explain exactly how alerts are sent.
2) Confirm whether the agent will write cron jobs or otherwise modify the system crontab; if so, require explicit, auditable instructions and prefer using an external scheduler or a separate, dedicated automation service.
3) Only provide a read-only Shopify API token scoped to the minimal data needed, and use dedicated, limited-purpose alert credentials (a throwaway SMTP account or a bot token with narrow scope).
4) Request details on how competitor tracking works (which domains/APIs are contacted) and ask for safeguards against scraping sensitive endpoints.
5) Do not grant broad or production credentials until the skill's behavior is fully specified and you have assurance it won't alter system files.
If the author cannot satisfactorily update the documentation and manifest to remove these mismatches, treat the skill as untrusted.
