Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Supplychainsentinel
v1.0.0
Monitor supplier APIs, port delays, and weather in real-time to trigger automatic PO rerouting and stakeholder alerts. Use when the user needs supply chain d...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the declared env vars (Shippo, Flexport, OpenWeather, Slack, SendGrid, and a database) and the required binaries (curl, jq). However, the SKILL.md claims integration with many providers (FedEx/UPS/Maersk/Port Authorities/ERP systems) yet only a subset of provider credentials is listed; additional credentials or integrations are implicitly required but not declared.
Instruction Scope
Runtime instructions include polling multiple supplier APIs, reading backup supplier lists from your database, sending Slack/email notifications, and automatically creating purchase orders in ERP systems. Those actions are coherent with the stated purpose, but automatic financial actions (PO creation/rerouting) are high-impact and the SKILL.md provides no safeguards (e.g., manual approval steps) or explicit handling of ERP credentials.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest installation risk because nothing is downloaded or written by an installer.
Credentials
Requested env vars (SHIPPO_API_KEY, FLEXPORT_API_KEY, OPENWEATHER_API_KEY, SLACK_WEBHOOK_URL, SENDGRID_API_KEY, DATABASE_URL) are individually relevant. However, DATABASE_URL grants broad access to your procurement data and possibly to ERP integration secrets stored in the DB; ERP/API credentials for other carriers and ERPs are not declared but will be needed. The set is large and enables both data exfiltration and automated changes, so least-privilege service accounts and careful scoping are recommended.
Persistence & Privilege
always:false (not force-installed) and disable-model-invocation:false (normal). The skill does not request to modify other skills or global agent settings. The combination of autonomous invocation (platform default) with database and outbound-notification access increases potential impact but is not a misconfiguration by itself.
What to consider before installing
This skill is largely coherent for supply-chain monitoring, but it can perform high-impact automated actions (creating POs, rerouting orders) and requires broad access to your DATABASE_URL and notification endpoints. Before installing:
(1) use least-privilege service accounts and limit DATABASE_URL to a read-only/controlled schema if possible;
(2) never provide full admin DB credentials; create a scoped user for just the needed tables;
(3) ensure ERP integrations require separate, auditable credentials and consider requiring manual approval for PO creation;
(4) route Slack/SendGrid webhooks to test channels first;
(5) test in a staging environment and review logs/alerts;
(6) if you cannot limit permissions, or if automatic PO creation is unacceptable, do not install; alternatively, disable autonomous invocation and require manual confirmation for any financial action.
latest · vk97989p5bq82fdpjny19pvacw5832ajk
Runtime requirements
⚓ Clawdis
OS: macOS · Linux · Windows
Bins: curl, jq
Env: SHIPPO_API_KEY, FLEXPORT_API_KEY, OPENWEATHER_API_KEY, SLACK_WEBHOOK_URL, SENDGRID_API_KEY, DATABASE_URL
