CouponClaw

v1.1.2

Find verified coupons, stack cashback, and get final prices with savings across China, US, UK, Australia, Southeast Asia, and global DTC brands.

⭐ 0· 135·0 current·0 all-time

by@jiajiaoy

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jiajiaoy/couponclaw.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "CouponClaw" (jiajiaoy/couponclaw) from ClawHub.
Skill page: https://clawhub.ai/jiajiaoy/couponclaw
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install couponclaw

ClawHub CLI

Package manager switcher

npx clawhub@latest install couponclaw

Security Scan

Capability signals

CryptoCan make purchases

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description match the included scripts: find.js, cashback.js and daily-deals.js all instruct the agent to use a browser/web_search to extract coupons and cashback rates from many public coupon/cashback sites. That behavior is coherent with a coupon-finding skill. However the SKILL.md and scripts advertise a push/cron subscription workflow (push-toggle.js and channel delivery to telegram/slack/feishu/discord) yet no push-toggle.js file, no install spec, and no required environment variables or credentials for outbound pushes are present — this is an unexplained gap.

✓

Instruction Scope

The SKILL.md and scripts explicitly tell the agent to use the browser tool and web_search to visit named coupon and cashback sites, extract coupon codes, rates, and expiry — that is within the skill's stated purpose. The instructions do not ask the agent to read unrelated local files or environment variables, nor do they instruct transmission of arbitrary local data. They do assume the agent has a 'browser' tool available.

✓

Install Mechanism

No install spec is provided (instruction-only style), package.json has zero dependencies and main entrypoints point to the included scripts. No downloads or third-party installs are invoked by the skill bundle itself, which is low risk. The scripts are plain JS and not obfuscated.

Credentials

The skill declares no required environment variables or credentials, yet SKILL.md references push notifications to Telegram/Slack/Feishu/Discord and a push-toggle.js command with a userId and channel parameter. Sending pushes to those services typically requires channel tokens/credentials, but none are declared or provided. This is an incoherence: the skill advertises push delivery/subscriptions without supplying or requesting the necessary credentials or an implementation file (push-toggle.js is missing).

✓

Persistence & Privilege

The skill is not force-enabled (always:false) and follows the platform default for autonomous invocation. It does not request system-level persistence or modify other skills. No privileges beyond browser/web access are requested in the bundle.

What to consider before installing

CouponClaw's scripts and instructions look like a legitimate coupon/cashback aggregator that expects the agent to use a browser tool to scrape public coupon and cashback sites. However: - The SKILL.md lists a push-toggle.js script and describes push subscriptions (Telegram/Slack/Feishu/Discord), but push-toggle.js is not present in the package and no credentials (API tokens) are requested. Confirm how push notifications are implemented before enabling push/cron functionality. - The skill expects a browser/navigation tool (it recommends installing gstack). Ensure you understand and trust the browser tool the agent will use, since it will open many external sites on your behalf. - The skill will navigate and scrape many third-party sites. That is expected, but be cautious about any future edits that add network endpoints, hidden remote servers, or requests for credentials. Recommendations before installing: 1. Ask the publisher why push-toggle.js is missing and where push credentials are supposed to be configured. Do not supply messaging service tokens unless you verify the push implementation. 2. Verify the agent's browser tool (gstack or equivalent) and its security model (does it allow file access, credential forwarding, or arbitrary downloads?). 3. If you want to run the daily cron/push functionality, insist on an implementation that clearly documents how tokens are stored and used (and that those tokens are optional). Given the missing push implementation and credential expectations, treat this skill with caution (suspicious) until those inconsistencies are resolved.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c29nrrt1edemxnr2tejg67h85n772

135downloads

0stars

5versions

Updated 18h ago

v1.1.2

MIT-0

CouponClaw

Find coupons, stack cashback, and maximize savings — across China, US, UK, Australia, Southeast Asia, and DTC brands worldwide.

CouponClaw is the only coupon skill that covers every major market in one place. It searches verified coupon databases, finds cashback portal rates, and calculates the best stacking strategy so you always know the exact final price before checkout.

What makes CouponClaw different

Most coupon tools check one platform in one country. CouponClaw runs a 3-layer strategy:

Layer 1 — Coupons: Real-time browser search across region-specific coupon sites (smzdm, RetailMeNot, VoucherCodes, OzBargain, ShopBack, and more)
Layer 2 — Cashback stacking: Compares 返利网, Rakuten, TopCashback, and ShopBack rates — and checks if they stack with the coupon
Layer 3 — DTC brand check: Detects hidden first-order discounts and newsletter signup offers on brand official sites

It also runs a daily deals briefing (via cron) that surfaces the hottest community-verified deals from each region every morning.

Trigger phrases

Use CouponClaw when you say things like:

"is there a coupon for..."
"promo code for..."
"discount code"
"voucher code"
"coupon code"
"cashback for..."
"有没有优惠券"
"有没有券"
"优惠码"
"折扣码"
"返利"
"省钱"
"领券"
"打折"
"今日优惠"
"daily deals"
"best deals today"

Scripts

Script	Command	Description
`find.js`	`node scripts/find.js <product or store> [--region cn\|us\|uk\|au\|sea\|all] [--lang zh\|en]`	Find all available coupons + cashback stacking for a product or store
`cashback.js`	`node scripts/cashback.js <store> [--spend amount] [--lang zh\|en]`	Look up and compare cashback rates across all platforms
`daily-deals.js`	`node scripts/daily-deals.js [--region cn\|us\|uk\|au\|sea\|all] [--lang zh\|en]`	Generate today's top deals briefing (for cron push)
`push-toggle.js`	`node scripts/push-toggle.js on\|off\|status <userId> [--morning HH:MM] [--region ...] [--channel telegram\|slack\|feishu\|discord] [--lang zh\|en]`	Manage daily deal push subscription

Region coverage

Region	Coupon sources	Cashback
🇨🇳 China	什么值得买, 京东领券中心, 淘宝聚划算, 折800	返利网, 什么值得买返利
🌏 Chinese overseas	Dealmoon (North America)	Rakuten
🇺🇸 US	RetailMeNot, Slickdeals, Amazon Coupons	Rakuten, TopCashback
🇬🇧 UK	VoucherCodes, HotUKDeals, MyVoucherCodes	TopCashback
🇦🇺 Australia	OzBargain, Cashrewards	ShopBack
🌏 Southeast Asia	ShopBack, iPrice	ShopBack
🏷️ DTC brands	Official site popup detection, newsletter signup offers	Rakuten / TopCashback

Recommended companion

Install gstack for full browser navigation support — CouponClaw uses the browser tool to read live coupon pages and get real (not cached) data.

No API required

CouponClaw uses browser navigation to read real-time data directly from coupon and cashback sites. No API keys, no subscriptions.

Comments

Loading comments...