ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sales Tracking Tool

v1.0.0

Track and analyze e-commerce sales performance across platforms. Set up KPI dashboards, trend analysis, and performance alerts to catch issues and opportunit...

0· 122·0 current·0 all-time
bynexscope-ai@nexscope

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nexscope/sales-tracking-tool.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Sales Tracking Tool" (nexscope/sales-tracking-tool) from ClawHub.
Skill page: https://clawhub.ai/nexscope/sales-tracking-tool
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install sales-tracking-tool

ClawHub CLI

Package manager switcher

npx clawhub@latest install sales-tracking-tool
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims cross-platform sales tracking (Amazon, Shopify, Walmart, etc.) and alert/dashboard setup, which normally requires API access, connectors, or software to run. However, the skill metadata declares no dependencies, no install spec, and no required credentials. The SKILL.md includes an 'Install' command that references a separate npm package (nexscope-ai/eCommerce-Skills), but that external dependency is not declared in the registry metadata. This mismatch means the skill as-published does not actually contain or request the resources typically needed to perform the claimed integrations.
Instruction Scope
The runtime instructions themselves are limited to conversational steps (collect info, ask a single follow-up, analyze, produce output). They do not instruct the agent to access local files, environment variables, or external APIs directly. However, the SKILL.md suggests the user run 'npx skills add nexscope-ai/eCommerce-Skills', which implies installing external code that might perform the integrations; that external action is outside the skill's declared scope and should be clarified.
!
Install Mechanism
There is no declared install spec in the skill metadata (lowest-risk), but SKILL.md instructs users to run an npx command that installs code from an external package. Because the registry entry does not declare this package as a dependency or provide an official install mechanism, the presence of an ad-hoc npx install line is a red flag: it points consumers to execute an external installer that has not been recorded or vetted here.
!
Credentials
The skill requests no environment variables or credentials, which is inconsistent with its stated capability to integrate with many e-commerce platforms (which normally require API keys, tokens, or store credentials). The absence of declared credentials could be benign if the skill is purely advisory, but combined with the install hint it suggests missing/undeclared requirements that should be documented and justified.
Persistence & Privilege
The skill does not request always-on presence and is user-invocable with normal autonomous invocation allowed. There is no indication it attempts to modify other skills or system-wide settings.
Scan Findings in Context
[no-code-in-skill] expected: The regex scanner found nothing because this is an instruction-only skill (SKILL.md only). This is expected, but it means the SKILL.md content is the primary surface for assessing risk.
What to consider before installing
Before installing or using this skill, ask the publisher (or check the referenced GitHub/npm package) for details: 1) Does the skill actually install nexscope-ai/eCommerce-Skills? If so, inspect that package's source and releases on GitHub before running npx. 2) Which API keys or store credentials are required to enable cross-platform tracking, and how/where should they be provided? Avoid pasting live credentials into chat; prefer scoped API keys, read-only tokens, or uploading sanitized exports. 3) Confirm whether the skill will store or transmit your sales data to third-party services and where backups/exports are kept. If the publisher can't clearly explain the external package and credential needs, treat the skill as incomplete and do not run external installers or share sensitive credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97avexqmfv2xh872fmebyvy9x83nk3q
122downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
nexscope-ai@nexscope
latest
Download

Sales Tracking Tool 📉

Track and analyze e-commerce sales performance across platforms. Set up KPI dashboards, trend analysis, and performance alerts to catch issues and opportunities early.

Supported platforms: Amazon, Shopify, WooCommerce, Walmart, TikTok Shop, Etsy, eBay, BigCommerce.

Built by Nexscope — your AI assistant for smarter e-commerce decisions.

Install

npx skills add nexscope-ai/eCommerce-Skills --skill sales-tracking-tool -g

Usage

Help me set up sales tracking for my business. I sell on Amazon ($30K/mo) and Shopify ($10K/mo). What KPIs should I track and how often?

Capabilities

  • Cross-platform sales dashboard framework (Amazon, Shopify, Walmart, etc.)
  • KPI definition and target setting by business stage
  • Trend analysis methodology (daily, weekly, monthly, YoY)
  • Anomaly detection framework (unusual spikes or drops)
  • SKU-level performance tracking
  • Cohort analysis for customer behavior insights

How This Skill Works

Step 1: Collect information from the user's message — product, platform, current situation, and goals.

Step 2: Ask one follow-up with all remaining questions using multiple-choice format. Allow shorthand answers (e.g., "1b 2c 3a").

Step 3: Research and analyze using the frameworks and methodology below.

Step 4: Deliver structured, actionable output with specific recommendations, not vague advice.

Output Format

  • Start with a summary of findings
  • Include specific data points and benchmarks where available
  • Provide prioritized action items
  • Mark estimates with ⚠️ when based on incomplete data
  • End with concrete next steps

Other Skills

More e-commerce skills: nexscope-ai/eCommerce-Skills

Amazon-specific skills: nexscope-ai/Amazon-Skills

Built by Nexscope — your AI assistant for smarter e-commerce decisions.

Comments

Loading comments...