Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Crossborder Ecom Hub

v1.0.1

Professional cross-border e-commerce multi-platform management tool; supports product, order and inventory sync and smart pricing for TikTok, Amazon, Shopee and Lazada.

0· 70·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The registry's top-level metadata (requirements: no env vars; primary credential: none; 'instruction-only') contradicts the bundled files (package.json, bin/cli.js, many src/*.js) and the SKILL.md, which instructs the user to store numerous API keys for TikTok, Amazon, Shopee, Lazada and Feishu. A real multi-platform e-commerce tool reasonably needs those credentials, but the registry listing incorrectly says none are required. That mismatch is incoherent and increases risk.
Instruction Scope
SKILL.md instructs the user to create a config at ~/.crossborder-ecom/config.json and store many API keys in it (including the Amazon secretKey and the Feishu bitableToken). The runtime instructions and the CLI code read and write that file and use those credentials to call the external platform APIs, which is expected for this kind of tool. However, the SKILL.md and its commands reference environment variables that are not declared in the top-level registry metadata. The instructions do not explicitly tell the agent to read unrelated system files, but they do require persistent storage of sensitive credentials in the user's home directory; consider that when granting access.
Install Mechanism
The registry states 'No install spec — instruction-only', but the skill bundle includes a full Node.js package (package.json), a CLI entry point (bin/cli.js) and many src files. This is therefore not an instruction-only skill: it contains executable code that will run once installed. The install spec does not download arbitrary remote code (the code is bundled), but the mismatch between 'instruction-only' and the actual presence of code is an inconsistency that reduces transparency.
Credentials
The SKILL.md and config.example request many secrets: TikTok apiKey/apiSecret, Amazon accessKey/secretKey, Shopee partnerId/apiKey, Lazada apiKey/apiSecret, and Feishu appId/appSecret/bitableToken (and possibly webhook URLs). Those are appropriate for the stated multi-platform purpose, but the top-level metadata claims no required env vars. Requiring several unrelated credentials (marketplace API keys plus an internal collaboration token) increases the blast radius if the skill is malicious or buggy. Provide only the minimum necessary credentials and verify how the code handles them.
Persistence & Privilege
The tool creates and uses ~/.crossborder-ecom/config.json to persist credentials and settings (bin/cli.js does this). The skill's always flag is false (it is not force-loaded) and the system autonomy flags are at their defaults. Persisting secrets locally is expected for a CLI of this kind, but keeping multiple secrets in one file increases the damage if the bundle is untrusted. The skill does not request elevated system-wide privileges in its metadata, but it does write to the user's home directory.
What to consider before installing
This package is internally inconsistent: the registry claims no env vars and 'instruction-only', yet the bundle includes runnable Node.js code and the SKILL.md instructs you to store many API secrets in ~/.crossborder-ecom/config.json. Before installing or providing credentials:
1) Verify the upstream source. The registry shows 'Source: unknown' while the README and clawhub.json reference a GitHub repo; confirm the repo and its tags on GitHub and that the maintainer is trusted.
2) Inspect the src files not shown in this scan (especially src/feishu.js and src/platforms/*) for hard-coded or unexpected remote endpoints, telemetry, or credential exfiltration.
3) Use least-privilege credentials (scoped API keys, read-only tokens) and never provide root/owner-level secrets.
4) Run the tool in an isolated environment (container or disposable VM) and monitor its outbound network requests on first run.
5) If you need it in production, ask the author for clarification and a signed, reproducible release; do not install it or store live marketplace secrets until you have confirmed what the code does.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
src/feishu.js:10
Environment variable access combined with network send.


latest: vk970wqtcp88ddfbdfhnj51vxax838jyq
