Skill v1.0.2

ClawScan security

SellerSprite Product Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 9, 2026, 3:36 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The SKILL.md claims to run local bash scripts and call the SellerSprite API with a secret key, but the package declares no env vars, no install, and contains no code — the pieces don't line up and you should inspect the missing scripts and secret usage before installing.
Guidance
This skill's README (SKILL.md) expects you to export SELLERSPRITE_SECRET_KEY, have the 'openclaw' CLI, and run local scripts under ~/.claude/skills/..., but the package contains no scripts and the manifest doesn't declare the secret or binaries. Before installing: (1) verify the source repository and inspect selection.sh, fetch.sh, and analyze.sh — do NOT run unknown scripts without review; (2) confirm what SellerSprite API scopes the key needs and prefer a least-privilege key; (3) ensure openclaw CLI is the legitimate tool you expect; (4) ask the publisher to correct the manifest (declare required env vars and binaries) or provide the missing scripts. If you must proceed, review the scripts line-by-line and run them in a sandboxed environment rather than your main account.

Review Dimensions

Purpose & Capability
Concern: The skill's description says it will call the SellerSprite API and run AI analysis; that legitimately requires a SELLERSPRITE_SECRET_KEY and an AI CLI ('openclaw'). However, the registry metadata lists no required env vars or binaries. The declared purpose would reasonably need an API key and an AI client, so the manifest is inconsistent with the stated capability.
Instruction Scope
Concern: SKILL.md instructs running ~/.claude/skills/sellersprite-product-research/selection.sh (and references fetch.sh and analyze.sh) and exporting SELLERSPRITE_SECRET_KEY; it also expects the openclaw CLI. Those runtime instructions reference local scripts and an environment secret not declared in the skill manifest. The skill would run code from a path in the user's home directory and call an external API, but no code is bundled, so it is unclear what will actually run.
Install Mechanism
Note: There is no install spec (instruction-only), which is lower risk by itself. However, SKILL.md assumes pre-existing scripts under ~/.claude/skills/... and the openclaw CLI. The absence of bundled scripts is an inconsistency: the instructions expect files that are not present in the package.
Credentials
Concern: The runtime instructions require SELLERSPRITE_SECRET_KEY (sensitive) and access to an AI client, but the skill manifest declares no required environment variables or primary credential. Requesting an API secret is reasonable for this purpose, but the omission from the manifest and the lack of any explanation of the secret's scope and permissions is a red flag.
Persistence & Privilege
OK: The skill does not request always:true and does not claim to modify other skills or system-wide settings. It appears not to request elevated or persistent platform privileges.
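The Guidance, Instruction Scope and Credentials findings above all reduce to one check: do the env vars, scripts and binaries that SKILL.md tells the user to use match what the manifest declares and what the package actually bundles? The script below is an added example of that check and is not ClawScan's or ClawHub's own code. The manifest schema (a `requires` map with `env` and `bins` lists, plus a `files` list) is a hypothetical layout, not ClawHub's real format, and the SKILL.md fragment is constructed to mirror what the scan summary describes (exporting SELLERSPRITE_SECRET_KEY, running the .sh scripts under ~/.claude/skills/..., calling openclaw); it is not the real SKILL.md.

```python
import re
from dataclasses import dataclass, field

# Constructed SKILL.md fragment modelled on the scan summary above.
# It is NOT the real SellerSprite Product Research SKILL.md.
SKILL_MD = """\
# SellerSprite Product Research

Before running, export your key:

    export SELLERSPRITE_SECRET_KEY=sk_live_xxx

Then run:

    bash ~/.claude/skills/sellersprite-product-research/selection.sh
    ~/.claude/skills/sellersprite-product-research/fetch.sh --keyword "yoga mat"
    openclaw analyze results.json
"""

# Hypothetical manifest layout (assumption: ClawHub's real schema may differ).
# This one mirrors the scan finding: nothing declared, no scripts bundled.
MANIFEST = {
    "name": "sellersprite-product-research",
    "version": "1.0.2",
    "requires": {"env": [], "bins": []},
    "files": ["SKILL.md"],
}

# What the publisher would ship after fixing the manifest (guidance item 4).
FIXED_MANIFEST = {
    "name": "sellersprite-product-research",
    "version": "1.0.2",
    "requires": {"env": ["SELLERSPRITE_SECRET_KEY"], "bins": ["openclaw"]},
    "files": ["SKILL.md", "selection.sh", "fetch.sh", "analyze.sh"],
}

# Commands assumed present on any host; not worth flagging as undeclared.
BASELINE_BINS = {"bash", "sh", "cd", "echo", "cat", "export"}

# `export NAME=` or `$NAME` / `${NAME}` for an upper-case shell variable.
ENV_RE = re.compile(r"(?:export\s+|\$\{?)([A-Z][A-Z0-9_]{2,})")
# A .sh path rooted at ~, $HOME or / (the shapes SKILL.md uses for local scripts).
SCRIPT_RE = re.compile(r"((?:~|\$HOME|/)[\w./-]*\.sh)\b")


@dataclass
class Findings:
    undeclared_env: set = field(default_factory=set)
    missing_scripts: set = field(default_factory=set)
    undeclared_bins: set = field(default_factory=set)

    def is_consistent(self) -> bool:
        return not (self.undeclared_env or self.missing_scripts or self.undeclared_bins)


def command_lines(skill_md: str):
    """Yield the command lines found in 4-space-indented code blocks."""
    for raw in skill_md.splitlines():
        if raw.startswith("    ") and raw.strip():
            yield raw.strip()


def check_manifest(skill_md: str, manifest: dict) -> Findings:
    """Compare what SKILL.md instructs against what the manifest declares/bundles."""
    f = Findings()
    declared_env = set(manifest.get("requires", {}).get("env", []))
    declared_bins = set(manifest.get("requires", {}).get("bins", []))
    bundled = set(manifest.get("files", []))
    for line in command_lines(skill_md):
        for var in ENV_RE.findall(line):
            if var not in declared_env:
                f.undeclared_env.add(var)
        for path in SCRIPT_RE.findall(line):
            # The package must actually contain the script it tells the user to run.
            if path.rsplit("/", 1)[-1] not in bundled:
                f.missing_scripts.add(path)
        head = line.split()[0]
        if head in ("bash", "sh") or head.startswith(("~", "/", "$")) or "=" in head:
            continue  # script-by-path invocations and VAR=value prefixes handled above
        if head not in BASELINE_BINS and head not in declared_bins:
            f.undeclared_bins.add(head)
    return f


if __name__ == "__main__":
    for label, m in (("as published", MANIFEST), ("fixed", FIXED_MANIFEST)):
        r = check_manifest(SKILL_MD, m)
        print(f"{label}: consistent={r.is_consistent()} env={sorted(r.undeclared_env)} "
              f"bins={sorted(r.undeclared_bins)} scripts={sorted(r.missing_scripts)}")
```

Run against the published-style manifest it reports SELLERSPRITE_SECRET_KEY as undeclared, openclaw as an undeclared binary, and both .sh paths as scripts the package does not ship; against the fixed manifest it reports nothing, which is the state to demand from the publisher before installing. The check is deliberately static: it never executes the scripts, consistent with the guidance to review unknown scripts before running them.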