Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

costco-inventory-monitor

v1.1.0

Monitor Costco inventory by ZIP and run it safely with OpenClaw cron. Keep secrets outside the skill directory.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
high confidence
Purpose & Capability (flagged)
The name and description (Costco inventory monitor) match the bundled scripts: they fetch product pages (through a proxy), parse availability, and write reports. However, the skill metadata declares no required environment variables or config paths, while the scripts and SKILL.md require a secret env file (/root/.openclaw/workspace/.secrets/costco-monitor.env) and many environment variables (PROXY_URL, ZIP_CODES, OUTPUT_JSONL, STATE_FILE, REPORT_FILE, LOG_FILE and the PRODUCT_* variables). The declared requirements do not match the actual runtime requirements.
Instruction Scope (flagged)
SKILL.md and run_monitor.sh explicitly instruct the user to create and source a secret file under /root/.openclaw/workspace/.secrets and to run the runner via OpenClaw cron. The instructions reference specific absolute paths and require reading all PRODUCT_* variables from the secret file; none of these runtime reads is declared in the registry metadata. The cron instruction asks the agent to run the script and return the report file, which is appropriate for the task, but it directs the agent to execute a filesystem-scoped runner that reads the secret file.
Install Mechanism
No install spec is present (instruction-only plus bundled scripts). Nothing is downloaded or written by an install stage; risk from install mechanism is low.
Credentials (flagged)
Although SKILL.md recommends keeping secrets out of the skill directory, the skill implicitly requires a secret env file and multiple environment variables (a proxy URL that may carry credentials, product specs via PRODUCT_* variables, ZIP_CODES, and several output/log paths). None of these are declared in the registry metadata. In particular, PROXY_URL may contain credentials and is used as the outbound proxy for every product request; if it points at an untrusted proxy, that proxy can capture request payloads and responses. The number and sensitivity of required env values is higher than the metadata indicates.
Persistence & Privilege
The skill does not request always:true and does not alter other skills' configuration. It writes outputs to workspace paths under /root/.openclaw/workspace/ops and expects a secrets file in the workspace .secrets directory—this is normal for a runner-style skill. Autonomous invocation is allowed (platform default) but not uniquely privileged by this skill.
What to consider before installing
This skill appears to implement a legitimate Costco inventory checker, but its registry metadata omits important runtime requirements. Before installing or enabling it:
  • Create and populate the required secret file (/root/.openclaw/workspace/.secrets/costco-monitor.env) yourself. Verify it contains only the expected variables (PRODUCT_*, ZIP_CODES, PROXY_URL, OUTPUT_JSONL, STATE_FILE, REPORT_FILE, LOG_FILE) and no extra secrets; the runner sources that file at runtime, so anything in it is both readable by and executable as the runner.
  • Treat PROXY_URL as sensitive: it may include username:password@host. Do not point it at an untrusted proxy, which would see every fetched page and could capture credentials and contents.
  • Ensure the output and log paths are correct and have permissions that keep other users and agents from reading their contents.
  • Because the package metadata does not declare these env/config requirements, treat the omission as a red flag: ask the publisher or maintainer to update the registry metadata to declare the required config path and environment variables before enabling automated runs.
  • If you plan to run this on a schedule, start with a one-off manual run to validate behavior and outputs, and confirm that no outbound endpoints beyond the product URLs and the proxy you intentionally configured are contacted.
If the registry is updated to declare the required config path and environment variables, and you have verified PROXY_URL and the secret file contents, the skill becomes much more coherent; until then, treat it cautiously.


latest: vk9732tnesy2t2c55pr13cgawbn842x6j


SKILL.md

Costco Inventory Monitor

Goal

Provide a repeatable workflow to check Costco inventory for one or more products across multiple ZIP codes, then write a report for downstream channels (for example WeCom).

Repository Safety Rules

  • The skills/costco-inventory-monitor directory must contain scripts, templates, and docs only.
  • Never store real AK/SK, tokens, passwords, or proxy credentials inside skills/.
  • Real runtime secrets must be stored in /root/.openclaw/workspace/.secrets/costco-monitor.env.
  • .secrets/ must stay in .gitignore and should not be committed.

Files

  • Runner: scripts/run_monitor.sh
  • Inventory checker: scripts/check_costco_inventory.py
  • Config template (safe to commit): config/monitor.env.example
  • Standard reference: references/costco-inventory-standard.md

Runtime Setup

  1. Create the real secret config from the template:
     mkdir -p /root/.openclaw/workspace/.secrets
     cp /root/.openclaw/workspace/skills/costco-inventory-monitor/config/monitor.env.example /root/.openclaw/workspace/.secrets/costco-monitor.env
     chmod 600 /root/.openclaw/workspace/.secrets/costco-monitor.env
  2. Edit /root/.openclaw/workspace/.secrets/costco-monitor.env and fill in real values:
     • PRODUCT_1, PRODUCT_2, ...
     • ZIP_CODES
     • PROXY_URL
     • output paths (OUTPUT_JSONL, STATE_FILE, REPORT_FILE, LOG_FILE)
     Quote any value that contains spaces, quotes or | (product specs do); the runner sources this file as shell, so an unquoted value is parsed as shell syntax.
  3. Run once to validate:
     /root/.openclaw/workspace/skills/costco-inventory-monitor/scripts/run_monitor.sh
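The scan report above recommends checking that the secret file holds only the documented variables, that PROXY_URL carries no credentials and points only at a proxy you approve, and that the file is mode 600; the setup steps above are where that check belongs, before the runner sources the file. The following pre-flight checker is an added example written for this page, not code shipped with the skill. The allowed-key set, the documented output directory and the product-URL host are taken from SKILL.md; the proxy-host allowlist, the exact validation rules and the two sample files are assumptions of this example.

```python
"""Pre-flight validation for costco-monitor.env (added example, not part of the skill).

Run: python check_env.py /root/.openclaw/workspace/.secrets/costco-monitor.env proxy.internal.example
The positional arguments after the path are the proxy hosts you approve (assumption).
"""
import os
import re
import stat
import sys
from urllib.parse import urlsplit

FIXED_KEYS = {"ZIP_CODES", "PROXY_URL", "OUTPUT_JSONL", "STATE_FILE", "REPORT_FILE", "LOG_FILE"}
PATH_KEYS = {"OUTPUT_JSONL", "STATE_FILE", "REPORT_FILE", "LOG_FILE"}
PRODUCT_KEY = re.compile(r"PRODUCT_\d+")
OUTPUT_DIR = "/root/.openclaw/workspace/ops/costco-monitor"  # documented output location
PRODUCT_HOST = "www.costco.com"

ASSIGNMENT = re.compile(r"([A-Z_][A-Z0-9_]*)=(.*)")
# run_monitor.sh sources this file, so shell syntax inside a value executes.
EXPANSION = re.compile(r"\$\(|`|\$\{|\$[A-Za-z_]")
SAFE_UNQUOTED = re.compile(r"[A-Za-z0-9_./:@%+=,-]*")


def parse_env(text):
    """Parse KEY=VALUE lines; return (values, findings). Values are returned unquoted."""
    values, findings = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[7:].lstrip()
        m = ASSIGNMENT.fullmatch(line)
        if not m:
            findings.append(f"line {n}: not a plain KEY=VALUE assignment")
            continue
        key, value = m.group(1), m.group(2).strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            quote, value = value[0], value[1:-1]
            if quote == '"' and EXPANSION.search(value):  # "$(...)" still expands
                findings.append(f"{key}: double-quoted value contains a shell expansion")
        elif not SAFE_UNQUOTED.fullmatch(value):
            findings.append(f"{key}: unquoted value has shell-special characters; quote it")
        values[key] = value
    return values, findings


def check_proxy_url(url, allowed_hosts):
    p, findings = urlsplit(url), []
    if p.scheme not in ("http", "https", "socks5", "socks5h"):
        findings.append(f"PROXY_URL: unexpected scheme {p.scheme!r}")
    if p.username or p.password:
        findings.append("PROXY_URL: embeds credentials; every process that reads the env sees them")
    if p.hostname not in allowed_hosts:
        findings.append(f"PROXY_URL: host {p.hostname!r} is not an approved proxy")
    return findings


def check_product(key, spec):
    """Product spec format from SKILL.md: id|name|url."""
    parts = spec.split("|")
    if len(parts) != 3:
        return [f"{key}: expected id|name|url, got {len(parts)} field(s)"]
    pid, _name, url = parts
    findings = []
    if not pid.isdigit():
        findings.append(f"{key}: product id {pid!r} is not numeric")
    p = urlsplit(url)
    if p.scheme != "https" or p.hostname != PRODUCT_HOST:
        findings.append(f"{key}: URL must be https://{PRODUCT_HOST}/..., got {url!r}")
    elif not p.path.rstrip("/").endswith("/" + pid):
        findings.append(f"{key}: URL path does not end with product id {pid}")
    return findings


def validate(text, allowed_proxy_hosts):
    """Return findings for the file text; an empty list means it looks as documented."""
    values, findings = parse_env(text)
    products = {k: v for k, v in values.items() if PRODUCT_KEY.fullmatch(k)}
    for key in sorted(values):
        if key not in FIXED_KEYS and key not in products:
            findings.append(f"{key}: not a documented variable; the file should hold nothing else")
    for key in sorted(FIXED_KEYS - set(values)):
        findings.append(f"{key}: required but missing")
    if not products:
        findings.append("no PRODUCT_n entries; the monitor has nothing to check")
    for key, spec in sorted(products.items()):
        findings += check_product(key, spec)
    if "ZIP_CODES" in values:
        bad = [z for z in values["ZIP_CODES"].split(",") if not re.fullmatch(r"\d{5}", z.strip())]
        if bad:
            findings.append(f"ZIP_CODES: not 5-digit ZIPs: {bad}")
    if "PROXY_URL" in values:
        findings += check_proxy_url(values["PROXY_URL"], allowed_proxy_hosts)
    for key in sorted(PATH_KEYS & set(values)):
        if not values[key].startswith(OUTPUT_DIR + "/"):
            findings.append(f"{key}: {values[key]!r} is outside the documented output dir {OUTPUT_DIR}")
    return findings


def mode_findings(mode_bits, path="<env file>"):
    """The setup step chmods the file to 600; any group/other bit is a finding."""
    if mode_bits & 0o077:
        return [f"{path}: mode {mode_bits:04o} is readable by group/other; chmod 600 it"]
    return []


def check_mode(path):
    return mode_findings(stat.S_IMODE(os.stat(path).st_mode), path)


# Constructed sample files (not from the skill); the proxy host is a placeholder.
GOOD_SAMPLE = """# constructed sample
PRODUCT_1='4000362984|TCL 55" Q77K|https://www.costco.com/p/-/tcl-55-class-q77k/4000362984?langId=-1'
ZIP_CODES=03051,97230
PROXY_URL=http://proxy.internal.example:3128
OUTPUT_JSONL=/root/.openclaw/workspace/ops/costco-monitor/snapshots.jsonl
STATE_FILE=/root/.openclaw/workspace/ops/costco-monitor/state.json
REPORT_FILE=/root/.openclaw/workspace/ops/costco-monitor/latest_report.txt
LOG_FILE=/root/.openclaw/workspace/ops/costco-monitor/monitor.log
"""
BAD_SAMPLE = """PRODUCT_1=4000362984|TCL 55" Q77K|https://www.costco.com/p/-/x/4000362984
ZIP_CODES=0305,97230
PROXY_URL=http://scraper:hunter2@203.0.113.9:8080
OUTPUT_JSONL=/tmp/snap.jsonl
STATE_FILE="$(id)"
REPORT_FILE=/root/.openclaw/workspace/ops/costco-monitor/latest_report.txt
LOG_FILE=/root/.openclaw/workspace/ops/costco-monitor/monitor.log
AWS_SECRET_ACCESS_KEY=abc
"""

if __name__ == "__main__":
    env_path = sys.argv[1] if len(sys.argv) > 1 else "/root/.openclaw/workspace/.secrets/costco-monitor.env"
    with open(env_path) as fh:
        problems = check_mode(env_path) + validate(fh.read(), set(sys.argv[2:]))
    print("\n".join(problems) or "ok")
    sys.exit(1 if problems else 0)
```

The checker refuses anything the documented file format does not need, including shell expansions inside double-quoted values, because the runner's source line would execute them. Run it once against the populated file before the first manual run of run_monitor.sh, and again whenever the file is edited.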

OpenClaw Cron (every 5 minutes)

Use OpenClaw cron, not system crontab, for this skill.

openclaw cron create \
  --name costco-inventory-monitor-5m \
  --every 5m \
  --session isolated \
  --model hunyuan/hunyuan-t1-latest \
  --delivery none \
  --message 'Run /root/.openclaw/workspace/skills/costco-inventory-monitor/scripts/run_monitor.sh and then return only the contents of /root/.openclaw/workspace/ops/costco-monitor/latest_report.txt.'

Existing production job id (created): 29515da3-2b5b-491b-b516-69875b4376a6.

Example Products and ZIPs

  • Product (format id|name|url): 4000362984|TCL 55" Q77K|https://www.costco.com/p/-/tcl-55-class-q77k-series-4k-uhd-qled-smart-tv-allstate-3-year-protection-plan-bundle-included-for-5-years-of-total-coverage/4000362984?langId=-1
  • ZIPs: 03051, 97230

Output Locations

  • Report: /root/.openclaw/workspace/ops/costco-monitor/latest_report.txt
  • Log: /root/.openclaw/workspace/ops/costco-monitor/monitor.log
  • Snapshot JSONL: /root/.openclaw/workspace/ops/costco-monitor/snapshots.jsonl
  • State: /root/.openclaw/workspace/ops/costco-monitor/state.json

GitHub Checklist

  • Commit: skills/costco-inventory-monitor/** and optional ops wrapper scripts.
  • Do not commit: /root/.openclaw/workspace/.secrets/**, real proxy/account credentials, runtime logs, local state files.

Files: 18 total