ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Profit Margin Calculator Tiktok

v0.1.0

TikTok Shop profit margin calculator for sellers. Calculate cost breakdowns including affiliate commissions, platform fees, and FBT costs. Includes return ra...

0· 57·0 current·0 all-time
byHenk Nie@phheng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The SKILL.md advertises a TikTok Shop calculator (mentions FBT, creator commissions, 5% platform fee), but the bundled script's header, comments, variable names, and fee tables reference Amazon and FBA (e.g., 'Amazon Profit Calculator', REFERRAL_FEE_RATES, FBA_FULFILLMENT_FEES). This mismatch indicates the code does not match the stated purpose and suggests the author reused Amazon logic without adapting it for TikTok.
!
Instruction Scope
Runtime instructions simply run python3 scripts/calculator.py (optionally with JSON). The SKILL.md example uses a key name 'creator_commission_rate', but the ProductInput dataclass uses 'referral_fee_rate' and Amazon-oriented fields (fba_fulfillment_fee, referral_fee). These naming and domain mismatches mean the script may ignore some inputs or apply Amazon rules to TikTok scenarios, producing incorrect analyses. The instructions don't warn about these shortcomings.
Install Mechanism
No install spec; skill is instruction-only with a local Python script. No downloads, external packages, or installers are triggered by the skill bundle itself, which keeps installation risk low.
Credentials
The skill requests no environment variables, secrets, or config paths. The code imports only standard libraries (json, csv, sys) and does not appear to perform network I/O or request credentials, so there is no disproportional credential access.
Persistence & Privilege
The skill is not set to always:true and has no installers that modify agent configuration. It does not request elevated persistence or cross-skill configuration changes.
What to consider before installing
This package claims to be for TikTok Shop but the included Python code appears to be an Amazon/FBA calculator repurposed without proper updates. It does not request credentials and likely won't exfiltrate data, but using it as-is could give wrong profit estimates. Before installing or using: (1) ask the author to confirm the intended platform and to update variable names, fee tables, and comments for TikTok/FBT; (2) test the script with known inputs and compare results to manual calculations to verify behavior; (3) search the code for any network calls (none are apparent in the visible portion) before running with real business data; (4) avoid relying on its output for pricing or financial decisions until corrected. If you need a trustworthy TikTok Shop calculator, prefer a tool explicitly maintained for TikTok/FBS with documented fee sources.

Like a lobster shell, security has layers — review code before you run it.

latestvk9728aj53f048dewc44w95jyad83d9nb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments