Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Amazon After Sales Flow Luoqianchenguni Max
v0.1.1 · Automates Amazon after-sales by opening orders, accessing details, running contact flow, and drafting or sending seller messages with explicit confirmation.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose (automating Amazon after-sales: open orders, fetch details, run contact flows, draft/send messages) is consistent with the shipped skill descriptors (many small browser/DOM-focused skills) and the package.json dependency on Playwright. However, the registry metadata says 'instruction-only' while the README and shipped files indicate this package is NOT instruction-only and contains runnable JS (and duplicated .py stubs). That mismatch between registry metadata and the actual artifact set is unexpected and should be explained by the author.
Instruction Scope
SKILL.md and the dist skill JSONs explicitly instruct reading Amazon page DOMs, opening orders, drafting messages, and optionally sending them with explicit confirmations. This scope is appropriate for the described automation, but it necessarily accesses sensitive personal data in the active browser session (orders, messages, order IDs, prices). The skill also saves local artifacts (screenshots/DOM) to the workspace. The SKILL.md claims 'No external upload endpoint is configured by default', but you should verify the runtime code (_easybuy_browser_runtime.js) for any network/upload calls before running.
Install Mechanism
There is no platform install spec, but the package expects you to run 'npm install' and 'npx playwright install chromium' (package.json depends on playwright; package-lock points to npm registry). This is a standard but heavyweight install (Playwright + browser binaries). Because the project ships a ~64KB runtime JS file, the package is not truly instruction-only — that larger artifact should be reviewed prior to installation/execution. No unusual or remote download URLs were observed in the provided manifests.
Credentials
The skill requests no environment variables, credentials, or config paths — appropriate because it operates within an active Playwright browser session and relies on the user's existing Amazon login. There are no declared unrelated credentials. Note that DOM access necessarily exposes personal order/messaging data from the user's browser.
Persistence & Privilege
always:false (not force‑installed) and autonomous invocation is allowed (default). The skill may write artifacts to its workspace, which is expected for evidence/screenshot export. It does not request elevated platform privileges nor claim to modify other skills or system-wide agent settings.
What to consider before installing
This package appears to implement the described Amazon after-sales automation and uses Playwright (so you'll need to run npm install and install Chromium). However: (1) the registry/metadata claims 'instruction-only' while the bundle contains runnable JS (including a large _easybuy_browser_runtime.js) — that inconsistency is concerning and worth asking the author to explain; (2) the runtime will read Amazon order and messaging DOM (sensitive data) and can save local artifacts — inspect the code for any network/upload calls before running; (3) run the package in an isolated/test environment (not your primary profile) and verify the send gating (auto_send + confirm_send) manually; and (4) if you lack the ability to audit the runtime JS, avoid running it against an account with real personal data or funds until you can review the code or get assurances from the author.
