Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Buy Anything
v3.0.5
Purchase products from Amazon and Shopify stores through conversational checkout. Use when user shares a product URL or says "buy", "order", or "purchase" wi...
⭐ 2· 2.3k·3 current·3 all-time
by @tsyvic
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description promise (buying from Amazon and Shopify) matches the instructions: the skill uses a Rye partner endpoint and BasisTheory tokens to place orders. It only requires curl and no unrelated credentials or config paths, which is proportionate to the described functionality.
Instruction Scope
Instructions stay within the stated checkout flow: prompt for product URL, collect shipping info, open a browser card-capture page, accept a BasisTheory token from the user, and POST to Rye endpoints. The skill collects personal data (name, email, phone, shipping address) and a reusable payment token — this is expected for checkout but is sensitive and should be handled carefully. The SKILL.md explicitly forbids the agent from fetching product URLs itself and instead delegates validation to Rye's API.
Install Mechanism
Instruction-only skill with no install spec and only a dependency on curl. Nothing is downloaded or written to disk by the skill itself — lowest-risk install posture.
Credentials
No environment variables, keys, or config paths are requested. The only secrets involved are user-supplied BasisTheory token(s) entered interactively; those are appropriate for payment processing but are sensitive.
Persistence & Privilege
The skill recommends (opt-in) saving BasisTheory tokens and shipping addresses to local memory for future purchases. This is coherent for convenience, but it elevates sensitivity: a stored reusable payment token can be used to make subsequent purchases. The skill asserts it will ask for confirmation before using saved tokens, but that behavior is instruction-only (not enforced by the platform). Also, since the agent may be allowed to invoke skills autonomously by default (disable-model-invocation is false), saved tokens increase the potential impact if agent behavior or platform memory synchronization is misconfigured or abused.
Assessment
This skill appears to do what it says, but before installing consider: 1) Do not paste full card numbers into chat — only paste the BasisTheory token as instructed. 2) Prefer not to save reusable payment tokens if you have low trust in your device or the platform's local memory isolation; if you do save them, know how to delete/forget them. 3) Confirm the skill prompts you for explicit approval before each purchase; the SKILL.md says it will, but that is not technically enforced by the platform. 4) Verify you trust the third parties named (Rye and BasisTheory) and the statement that saved tokens are stored only locally — ask the platform vendor if memory is ever synced to the cloud. 5) Be aware Amazon orders are placed via a third-party Amazon account (not your own). If any of these points are unacceptable, do not save tokens and require confirmation for every order.
Like a lobster shell, security has layers — review code before you run it.
latestvk974fycctshxf65mn7dyscaeh584v9dp
Runtime requirements
📦 Clawdis
Bins: curl
