Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Shopify Payment Optimizer
v1.0.0
Cross-border payment solution comparison for Shopify stores. Compare fees, settlement speed, currency support, and risk profile across Airwallex, WorldFirst,...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, SKILL.md and analyze.sh are coherent: they implement a Shopify cross-border payment comparison. However, the file analyze.sh calls external binaries (openclaw and python3) even though the registry metadata lists no required binaries; that omission is an inconsistency the author should have declared.
Instruction Scope
SKILL.md instructions themselves stay on-task (compare providers, produce tables, check KYC). The included analyze.sh accepts user input and forwards it verbatim into a prompt passed to a local 'openclaw agent' invocation; this nested agent call may access broader context or networked LLMs and will transmit whatever the user provides to that process. The instructions do not tell the agent to read unrelated files or env vars, but the script's runtime behavior effectively delegates processing to another agent process.
Install Mechanism
No install spec (instruction-only plus a small script). Nothing is downloaded or written to disk by an installer; risk from install mechanism is low. The script itself will execute at runtime if invoked.
Credentials
The skill declares no required environment variables or credentials, which is reasonable for this use case. However, analyze.sh relies on external tools (openclaw, python3) and on whatever configuration those tools use by default—so runtime may access model credentials or network endpoints implicitly. That implicit access is not declared.
Persistence & Privilege
Skill flags: always:false and user-invocable:true. The skill does not request persistent/system-wide privileges or modify other skills. No 'always' or privileged settings are present.
What to consider before installing
This skill appears to do what it says, but take these precautions before installing or running it:
- Inspect analyze.sh carefully (you already have it). It runs 'openclaw agent' and python3; ensure you trust the openclaw CLI on your system. The registry metadata should have declared these binaries but did not.
- Understand data flow: the script forwards whatever you type directly into a prompt passed to a model process. Do not supply sensitive data (API keys, passwords, full business credentials) to this skill unless you know where the model runs and who can access it.
- If you run it, do so in a sandbox/captured environment first to observe network calls and process behavior (e.g., monitor outbound connections). Verify whether the openclaw CLI uses remote models or local-only inference.
- Ask the publisher to update metadata to list required binaries (openclaw, python3) and to explain whether the openclaw CLI transmits data to remote services and which credentials/config it uses by default.
If you need low-risk use, prefer a version of the skill that does not invoke external agent CLIs or that documents and limits where prompts are sent.
Like a lobster shell, security has layers — review code before you run it.
latestvk97d4q2k0br2zzb6zrk7vby52s83d7k6
