ecommerce-expert

Pass

Audited by VirusTotal on May 5, 2026.

Overview

Type: OpenClaw Skill

Name: ah-ecommerce-expert

Version: 1.0.0

The skill bundle provides a comprehensive and well-structured reference for e-commerce development, including a detailed TypeScript implementation of catalog, cart, checkout, and order management services in `references/examples.md`. The code follows industry best practices, such as using Zod for input validation, Bcrypt for password hashing, and standard integrations for Stripe, Algolia, and AWS. No malicious patterns, data exfiltration attempts, or prompt injections were identified in the instructions or the code examples.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with real store, payment, or order-management tools, advice from this skill could influence high-impact business actions.

Why it was flagged

The skill covers payment and checkout workflows, which can affect real purchases if combined with external commerce tools. This is expected for an e-commerce expert skill, and the artifact does not instruct autonomous purchases.

Skill content

- **Payment Methods**: Credit cards, digital wallets, BNPL, cryptocurrencies

Recommendation

Use sandbox payment gateways during development and require explicit human approval before charges, refunds, order edits, or fulfillment actions.

What this means

Copied example code may require access to payment, search, database, cache, and cloud services.

Why it was flagged

The reference code uses provider credentials and cloud account configuration that would be sensitive if a user implemented the example. This is purpose-aligned for an e-commerce platform and is not shown as a required skill credential.

Skill content

process.env.STRIPE_SECRET_KEY ... process.env.ALGOLIA_ADMIN_KEY ... process.env.AWS_REGION

Recommendation

Use least-privilege service accounts, keep secrets out of logs and client-side code, and separate test credentials from production credentials.