МойСклад
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate MoySklad API helper, but it can send your ERP credentials to arbitrary URLs and exposes broad write/delete API access.
Use this only if you are comfortable granting ERP API access. Prefer a least-privilege token over login/password, avoid using the raw API command with full URLs, and consider patching the script to reject non-MoySklad hosts and require confirmation for write/delete actions.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your MoySklad account token or login/password could be exposed to an arbitrary website if the raw API command is invoked with a full external URL.
The direct API helper accepts absolute http/https URLs and still attaches the MoySklad Authorization header, so a mistaken or manipulated call could disclose the token or Basic Auth credentials to a non-MoySklad server.
const url = path.startsWith("http") ? path : `${BASE_URL}${path}`; ... headers: { Authorization: getAuthHeader(), ... }Restrict requests to relative paths under https://api.moysklad.ru/api/remap/1.2 or validate that absolute URLs have the exact expected scheme and host before sending Authorization.
An incorrect or prompt-driven invocation could create, update, or delete ERP records such as products, counterparties, orders, invoices, or webhooks.
The raw `api` command forwards arbitrary HTTP methods, paths, and JSON bodies using the user's ERP credentials, which bypasses the safer scoped commands.
const [method, path, bodyStr] = positional; ... const result = await api(method.toUpperCase(), path, body);
Add explicit confirmation for POST/PUT/DELETE, restrict allowed endpoints and methods, and prefer scoped commands over a general raw API escape hatch.
A user may not realize from the registry metadata that the skill needs ERP credentials with potentially broad account authority.
The registry metadata under-declares the credential requirement even though SKILL.md instructs users to set MOYSKLAD_TOKEN or MOYSKLAD_LOGIN/MOYSKLAD_PASSWORD.
Required env vars: none; Env var declarations: none; Primary credential: none
Declare the required credential and environment variables in the registry metadata and recommend least-privilege/read-only tokens where possible.