Audtools Ecommerce Category Collector
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly coherent for Audtools bulk collection, but it embeds and uses Audtools login credentials while automating bulk task submission and export.
Review this skill before installing. Replace the embedded Audtools phone number and password with your own securely supplied credentials, verify that you are allowed to collect/export the target data, and run with --test or --no-export until you confirm the CSV and account behavior are correct.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone installing or running the skill may use or expose the embedded Audtools account, and actions taken by the agent could affect that account's data, quota, or service access.
The script hardcodes an Audtools phone number and password even though the registry declares no primary credential or required environment variables.
username: '15715090600', password: 'zzw12345'
Remove hardcoded credentials, require the user to provide their own credentials through a declared secret/config mechanism, and document exactly which account permissions are needed.
A mistaken CSV path or large directory could cause many Audtools collection/export actions under the logged-in account.
The skill intentionally drives a browser to log in, submit collection tasks, select all collected products, and trigger export.
自动登录、提交采集任务,自动全选所有已采集商品并触发导出
Use test mode first, verify the CSV contents, prefer explicit item limits, and use --no-export unless automatic export is intended.
Installing dependencies may fetch a newer compatible package version than the one originally tested.
The README instructs npm install, and the dependency version is specified with a caret range rather than an exact pinned version.
"dependencies": {
"csv-parse": "^5.5.0"
}Review the dependency source and consider using a lockfile or pinned dependency version for reproducible installs.