Clawver Orders
Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for managing Clawver orders, but it includes real refund and webhook-changing API actions without clear approval or scoping guardrails.
Use this only with a Clawver store/API key you trust. Before allowing refunds or webhook changes, require explicit confirmation of the exact order, amount, reason, and destination URL, and prefer a least-privilege API key.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could refund the wrong order or amount and affect store revenue and customer records.
This documents a mutating financial API call that can issue real refunds. The surrounding instructions list API constraints, but do not add explicit user approval, order/customer verification, dry-run, or reversal safeguards before execution.
curl -X POST https://api.clawver.store/v1/orders/{orderId}/refund ... "amountInCents": 2499, "reason": "Customer requested refund"
Require explicit human confirmation before any refund, including order ID, customer, amount, reason, and remaining refundable balance; prefer read-only checks before mutating calls.
The configured key may allow the agent to read order data and perform store-changing actions.
The skill requires an API key and uses it for owner-context order operations. This is expected for the stated purpose, but the artifacts do not describe least-privilege scopes or separation between read-only and refund/webhook permissions.
metadata: {"openclaw":{"requires":{"env":["CLAW_API_KEY"]},"primaryEnv":"CLAW_API_KEY"}}
Use the least-privileged Clawver API key available, rotate it if exposed, and avoid giving refund or webhook permissions unless those functions are needed.
Order notifications could continue being sent to a webhook endpoint after setup, potentially exposing customer/order information if the endpoint is wrong or untrusted.
The skill documents creating webhooks that send order-event data to an external URL. This is purpose-aligned, but it creates a persistent data flow whose destination and retention are not bounded in the instructions.
curl -X POST https://api.clawver.store/v1/webhooks ... "url": "https://your-server.com/webhook", "events": ["order.created", "order.paid", "order.refunded"]
Only create webhooks to endpoints you control, use a strong secret, verify signatures, and keep a way to review and remove webhook registrations.
It is harder to confirm exactly which publisher/source and version the instructions came from.
The registry source is unknown, and the SKILL.md frontmatter shows a different version value. There is no install code to run, so this is a provenance note rather than evidence of malicious behavior.
Source: unknown; Version: 1.0.3
Verify the skill publisher and homepage before trusting it with a production store API key.
