Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence

Purpose & Capability
SKILL.md and README describe real-world shopping: cloud authCode/secretToken, payment (aipay), and OpenClaw cron scheduling. The included scripts implement only local mock search/purchase logic (mockGoodsData, mockBuyResponse) and do not call any external APIs, do not read seap.config.json, and do not integrate with a cron service or payment gateway. The declared purpose (real purchases) does not match the actual capability (demo/mock local behavior).
Instruction Scope
The runtime instructions tell the agent to run node commands, read/write `${sessionId}.json` and `${sessionId}_state.json`, use a secretToken for deferred payments, and create cron tasks. The CLI writes sessionId.json results but does not implement cron creation or payment token usage. The SKILL.md also inconsistently references command names (e.g., 'node scripts seap-cli' vs the actual file seap-cli.js) and describes state files that are not fully managed by the code. Instructions thus promise actions (networked payments, scheduling) that the code does not perform.
Install Mechanism
No install spec is provided (instruction-only + included JS file). Nothing is downloaded or extracted from external URLs; risk from install mechanism is low. The skill does write/read files in the skill working directory at runtime (session JSON files).
Credentials
No environment variables or external credentials are required by the package metadata. However, SKILL.md and seap.config.json instruct the user to store sensitive values (authCode, secretToken, address) in a local seap.config.json file. Those tokens are not used by the included CLI, which is inconsistent — storing payment tokens in plaintext config files is a potential security risk and should be avoided unless you verify the code and storage protections.
Persistence & Privilege
`always` is false; the skill is user-invocable and may be invoked autonomously (platform default). The skill writes per-session files (e.g., `${sessionId}.json`) in the skill directory at runtime but does not modify other skills or system-wide settings. No elevated persistence requests are present.
What to consider before installing
This skill reads and writes local session files and documents a workflow that would require payment tokens, cron scheduling, and cloud APIs — yet the shipped JS is a local mock that does not perform networked payments or scheduling. Before installing or supplying any real payment credentials: (1) treat this as a demo/placebo implementation until the author provides real API integrations; (2) do not store real payment tokens in seap.config.json in plaintext; (3) review/modify the scripts to implement secure API calls, encrypted credential storage, and proper cron integration, or run it in an isolated/test environment; (4) if you expect automatic scheduled purchases, require the author to demonstrate secure handling of tokens, network endpoints, and error handling. If you cannot verify those, avoid providing real secrets or using the skill for real purchases.
