ClawHub

Shopify Order Management

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate ecommerce automation skill, but it needs review because it handles customer data and sends cart-recovery emails without clear consent, suppression, or retention controls.

Install only after confirming the workflow uses your approved Shopify, Google Sheets, and SMTP accounts with least-privilege credentials. Before enabling abandoned-cart emails, add or verify consent checks, unsubscribe/suppression handling, regional compliance requirements, field minimization, sheet access limits, and a retention policy for exported customer data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill is designed to collect, process, store, and email customer PII and commerce data, including order details, contact information, shipping addresses, and abandoned checkout data, yet it provides no explicit privacy, retention, consent, or compliance guidance. In this context, that omission increases the risk of unsafe deployment, unauthorized data sharing, and regulatory violations, especially because the workflows transmit customer data across Shopify, Google Sheets, and SMTP.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The workflow emails customer-specific cart contents, pricing, name, and a recovery URL without any visible consent, suppression, or policy checks in the workflow itself. In a commerce context this can expose personal data and shopping behavior through email, create privacy/compliance issues, and may send sensitive recovery links to recipients without verifying eligibility or prior marketing consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal