ClawHub

Shopware Expert

v1.0.5

Enable Shopware 6 superpowers for OpenClaw. Get a massive boost in knowledge about everything related to Shopware 6 in general and Shopware 6 development.

0· 92·0 current·0 all-time
by@realm1lf
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill bundles Shopware developer documentation and runtime instructions. The only declared requirements are curl and SHOPWARE_BASE_URL, which are appropriate and proportional for an agent that will make HTTP requests to a Shopware instance and reference local docs.
Instruction Scope
SKILL.md confines behavior to consulting bundled documentation and making HTTP/API calls to the configured SHOPWARE_BASE_URL. It explicitly mentions optional Admin API OAuth env vars only for automated Admin API work. Note: if you enable broader gateway tools (bin/console, Composer, file edits) the AI may perform more invasive actions — those require explicit allowlisting in your gateway policy.
Install Mechanism
This is instruction-only with no install spec or external downloads. Nothing will be written to disk by an installer from an untrusted URL, minimizing install-time risk.
Credentials
Only SHOPWARE_BASE_URL is required for eligibility. The docs mention optional OAuth credentials for Admin API automation, which is expected for this scope. No unrelated secrets or unrelated service credentials are requested.
Persistence & Privilege
The skill is not marked always:true and requests no system-wide config changes. It only references its own bundled documentation and runtime env entries; it does not request persistent elevated privileges.
Assessment
This skill is a local bundle of Shopware developer docs and runtime instructions that will make HTTP requests to the Shopware URL you provide. Before installing: 1) Only set SHOPWARE_BASE_URL if you want the agent to be able to query that host. 2) Keep any Admin API client id/secret or token variables out of chat and store them in the host's secure env/vault if you enable automation. 3) Restrict the gateway tools.allow policy so the agent only has curl (or other explicitly approved tools) — otherwise it could run commands like bin/console or edit files if you permit them. 4) Prefer testing against a staging instance and confirm the Shopware version before letting the AI perform non-trivial changes. 5) If you don't want any network calls to your shop, do not set SHOPWARE_BASE_URL.

Like a lobster shell, security has layers — review code before you run it.

latestvk9748xfxvmexrjpm7ncp31r6jx83cct7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Any bincurl
EnvSHOPWARE_BASE_URL

Comments