Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shopify Checkout API

v1.0.0

Complete online shopping purchases on any online store using the Credpay Checkout API with x402 payments. Trigger when a user wants to buy, order, or checkou...

by Jelilat Anofiu (@jelilat)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The skill is named "Shopify Checkout API" but the instructions target a third‑party Credpay endpoint and claim to work with "any online store." That name/description mismatch and the broad "works with any online store" claim are not justified by the simple HTTP API shown. Also completing payments requires signing/payment capability (x402), which is not addressed by the declared requirements.
Instruction Scope (flagged)
Runtime instructions tell the agent to collect personally identifiable information (shipping address, email) and to POST it to https://checkout-agent.credpay.xyz. They also require an X-PAYMENT header (x402 payment payload) but provide no guidance on how to obtain or create that payload, nor do they declare where signing keys or wallet access should come from. The guidance to "just pass the product page URL" glosses over store-specific checkout realities. The instructions grant broad discretion to gather and transmit sensitive data to an external host without provenance or privacy guidance.
Install Mechanism
This is an instruction-only skill with no install spec or bundled code files, so there is no direct installation risk (nothing is written to disk by the skill itself).
Credentials (flagged)
No environment variables or credentials (including a primary credential) are declared, yet the workflow requires producing an x402 payment payload, which normally requires a wallet/private key or payment-provider credentials. This is a missing requirement: either the skill should declare the required credentials or explain how the payment payload is obtained. The skill also instructs transmitting PII to an unknown external domain without specifying consent, retention, or security practices.
Persistence & Privilege
The skill does not request always:true and is user-invocable (normal). It will make network calls to a third-party service and poll for up to 10 minutes; if the agent is allowed to invoke skills autonomously, that expands the blast radius for transmitting PII and payment data. This is the default platform behavior but worth noting given the data involved.
What to consider before installing
Exercise caution before enabling this skill. Ask the publisher/developer to clarify: (1) why the skill is named "Shopify" while using Credpay and whether it truly supports arbitrary stores; (2) exactly how the X-PAYMENT (x402) payload is generated—what credentials or wallet access are required and how they should be provided and stored; (3) the privacy/security practices of checkout-agent.credpay.xyz (privacy policy, data retention, who can access submitted PII). Do not submit real payment credentials, full personal data, or large-value purchases until you: verify the service's identity and reputation, obtain explicit documentation for required credentials, and ensure keys are stored securely (not pasted into chat). Consider requiring explicit, one-time user consent before sending any PII or payment payloads and restrict autonomous invocation until these questions are answered.


latest · vk975j1524p38j6bexwtzxfn37x81zmsb
