v1.0.5

Shopware Expert

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:01 AM.

Analysis

This is mainly a Shopware documentation/helper skill; it can guide API changes and use optional Admin credentials, so keep permissions narrow, but no provided artifact shows malicious behavior.

Guidance

Install only if you want Shopware 6 development/API assistance. Configure it with the minimum needed Shopware URL and credentials, prefer staging, keep curl and any extra gateway tools tightly allowlisted, and review any API mutation or remote setup command before it runs.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
API and integration tasks: e.g. search or update entities via Admin API / Store API ... use staging, least privilege, and explicit approval for destructive work.

The skill can guide HTTP/API actions that modify a Shopware instance, but it also frames these actions as Shopware-specific and requires user safety controls for destructive work.

User impact: If granted credentials and curl access, the agent may help change products, content, or other Shopware data.
Recommendation: Use staging first, keep gateway tool allowlists narrow, and require explicit approval before create/update/delete operations on a real store.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
references/INSTALLATION_AND_HOSTING_PART3.md
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

A bundled setup reference includes a remote installer command. It is documentation for a development environment, not an automatic skill install step, but it would execute third-party code if copied and run.

User impact: Running remote installer commands without review can change the local development machine.
Recommendation: Run setup commands manually only when needed, verify the upstream source, and avoid letting the agent automatically execute remote installer snippets.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Common additions for Admin API automation ... SHOPWARE_ADMIN_API_CLIENT_ID, SHOPWARE_ADMIN_API_CLIENT_SECRET, SHOPWARE_OAUTH_TOKEN_URL ... Store all secrets in env ... never in chat or Git.

Optional Admin API credentials are expected for Shopware automation, but they carry account-level authority and need careful scoping.

User impact: Over-privileged Admin API credentials could let the agent perform broader store actions than intended.
Recommendation: Create least-privilege Shopware API credentials, prefer staging credentials, rotate secrets if exposed, and avoid placing secrets in chat or repositories.