Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
МойСклад
v1.0.1
МойСклад ERP: manage products, counterparties, orders, warehouses, stock levels and documents through its REST API. Use it when you need to fetch data from МойСк...
⭐ 0 · 38 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name, description, SKILL.md, and the included Node.js CLI (scripts/moysklad.mjs) all consistently implement a MoySklad REST API helper (listing products, counterparties, orders, creating objects, direct API proxy). The functionality the code requests is coherent with the stated purpose. However, the registry metadata claims 'Required env vars: none' while SKILL.md and the code explicitly require MOYSKLAD_TOKEN or MOYSKLAD_LOGIN + MOYSKLAD_PASSWORD; this metadata omission is an inconsistency.
Instruction Scope
Runtime instructions are narrowly scoped to authenticating to MoySklad and making REST calls (me, products, orders, create-counterparty, create-order, api proxy). The SKILL.md does not instruct the agent to read unrelated files, hostnames, or system secrets beyond the declared MoySklad credentials. The CLI code likewise only calls the MoySklad API base URL and formats output.
Install Mechanism
There is no install spec (instruction-only deployment plus bundled script). No downloads from external or untrusted URLs, no archives extracted, and the script is plain JavaScript with no obfuscation. This is low-risk from an install perspective.
Credentials
Requiring a MOYSKLAD_TOKEN or login/password is appropriate for a MoySklad integration. The concern is that the registry metadata neither declares these required environment variables nor marks a primary credential, so an agent or installer may not surface a credentials prompt or run a policy check, increasing the chance that a user supplies sensitive credentials without realizing it. The credential types requested (API token or account password) are sensitive and should be explicitly declared in metadata.
Persistence & Privilege
The skill does not request always:true or any elevated system presence; it is user-invocable and uses standard CLI behavior. It does not modify other skills' configs or request persistent agent-wide privileges.
What to consider before installing
This package appears to be a straightforward MoySklad API CLI: it only talks to https://api.moysklad.ru and the code is readable. However, the registry metadata fails to declare that the skill needs MOYSKLAD_TOKEN or MOYSKLAD_LOGIN/MOYSKLAD_PASSWORD, which is an important mismatch. Before installing, confirm the skill source (author/repository) and prefer a dedicated API token with minimal scope over your full account password. Do not paste credentials into unknown or unverified skill portals. If possible, inspect scripts/moysklad.mjs yourself, or run it in a constrained environment (e.g., a disposable account, or a container whose egress is restricted to api.moysklad.ru) to verify that it contacts only that host. If you manage multiple skills, ensure this skill is not granted persistent or cross-skill credentials, and consider asking the publisher to update the registry metadata to declare the required env vars.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/moysklad.mjs:14
Environment variable access combined with network send.
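The following Node.js audit is an added example and is not part of the scan report or the skill's own code. It shows the check behind the "environment variable access combined with network send" finding and the undeclared-credentials concern from the Credentials section: it lists the process.env names a script reads and the hosts it embeds, compares them against what the registry metadata declares ("Required env vars: none") and against an egress allowlist (api.moysklad.ru), and flags the combination of secret reads plus a network sink. SAMPLE_SKILL_SCRIPT is a constructed stand-in written from the report's description of scripts/moysklad.mjs, not the file itself, and the API path inside it is assumed.

```javascript
// Added example, not the skill's code: a pre-install triage pass for the
// "environment variable access combined with network send" pattern.
// SAMPLE_SKILL_SCRIPT is a constructed stand-in for scripts/moysklad.mjs,
// written from the scan report's description; the API path is assumed.

const SAMPLE_SKILL_SCRIPT = `
const BASE = "https://api.moysklad.ru/api/remap/1.2"; // path is assumed
const { MOYSKLAD_TOKEN } = process.env;
const login = process.env.MOYSKLAD_LOGIN;
const password = process.env["MOYSKLAD_PASSWORD"];
function authHeader() {
  if (MOYSKLAD_TOKEN) return "Bearer " + MOYSKLAD_TOKEN;
  return "Basic " + Buffer.from(login + ":" + password).toString("base64");
}
async function api(path) {
  const res = await fetch(BASE + path, { headers: { Authorization: authHeader() } });
  return res.json();
}
`;

// process.env.NAME and process.env["NAME"]
const ENV_MEMBER_RE = /process\.env(?:\.([A-Za-z_$][\w$]*)|\[\s*["']([A-Za-z_$][\w$]*)["']\s*\])/g;
// const { A, B: alias } = process.env
const ENV_DESTRUCTURE_RE = /\{([^}]*)\}\s*=\s*process\.env\b/g;
// bare process.env, i.e. whole-environment access such as Object.entries(process.env)
const BULK_ENV_RE = /process\.env(?![.\[\w$])/g;
// hostnames embedded as literal http(s) URLs
const URL_HOST_RE = /https?:\/\/([A-Za-z0-9.-]+)/g;
// common outbound-network sinks in Node code
const NETWORK_SINK_RE = /\b(fetch|https?\.(?:request|get)|axios|got|undici|WebSocket|net\.connect|dns\.(?:lookup|resolve))\b/g;

function auditSkillScript(source, { declaredEnv = [], allowedHosts = [] } = {}) {
  const envVars = new Set();
  for (const m of source.matchAll(ENV_MEMBER_RE)) envVars.add(m[1] ?? m[2]);
  for (const m of source.matchAll(ENV_DESTRUCTURE_RE)) {
    for (const part of m[1].split(",")) {
      const name = part.split(":")[0].split("=")[0].trim();
      if (name) envVars.add(name);
    }
  }
  // Strip the destructuring forms first so only genuinely bulk access remains.
  const withoutDestructuring = source.replace(ENV_DESTRUCTURE_RE, "");
  const bulkEnvAccess = withoutDestructuring.search(BULK_ENV_RE) !== -1;

  const hosts = new Set([...source.matchAll(URL_HOST_RE)].map((m) => m[1].toLowerCase()));
  const sinks = new Set([...source.matchAll(NETWORK_SINK_RE)].map((m) => m[1]));
  const declared = new Set(declaredEnv);
  const allowed = new Set(allowedHosts.map((h) => h.toLowerCase()));

  return {
    envVars: [...envVars].sort(),
    bulkEnvAccess,
    networkSinks: [...sinks].sort(),
    hosts: [...hosts].sort(),
    // env vars the script reads but the registry metadata never declared
    undeclaredEnv: [...envVars].filter((v) => !declared.has(v)).sort(),
    // literal hosts outside the egress allowlist
    unexpectedHosts: [...hosts].filter((h) => !allowed.has(h)).sort(),
    // the scanner's pattern: secrets are read and something is sent over the network
    envToNetwork: (envVars.size > 0 || bulkEnvAccess) && sinks.size > 0,
  };
}

// The listing's metadata says "Required env vars: none"; the report says the
// only host the CLI should reach is api.moysklad.ru.
function auditSampleSkill() {
  return auditSkillScript(SAMPLE_SKILL_SCRIPT, {
    declaredEnv: [],
    allowedHosts: ["api.moysklad.ru"],
  });
}

console.log(JSON.stringify(auditSampleSkill(), null, 2));
```

On the constructed sample this reports three undeclared env vars, a single host that is on the allowlist, and envToNetwork set to true, which is exactly the shape of the finding above: the pattern is expected for an API client, and it is the undeclared credentials rather than the host list that needs a human decision. The check is regex-based triage, not a sandbox: a script that assembles hostnames at runtime, reads the environment through `Object.entries(process.env)` (caught by bulkEnvAccess) or a helper alias, or calls `require("https").request` through a variable will slip past the name lists, so pair it with the constrained-environment run recommended above.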
latest: vk970zdeb4p4jvzmdt6c8ej5q6s84v7vh
