ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shopping Affiliate Search

v1.0.0

全球购物搜索联盟工具 - 搜索淘宝/京东/亚马逊等平台商品,自动添加你的推荐码获取佣金。当用户想买东西、搜索商品、比价时自动激活。

0· 225·0 current·0 all-time
by@mi426878

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mi426878/shopping-affiliate-search.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Shopping Affiliate Search" (mi426878/shopping-affiliate-search) from ClawHub.
Skill page: https://clawhub.ai/mi426878/shopping-affiliate-search
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install shopping-affiliate-search

ClawHub CLI

Package manager switcher

npx clawhub@latest install shopping-affiliate-search
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (affiliate search + inject referral codes) matches the included code: search.py manages affiliate IDs, builds affiliate links, and formats results. However the SKILL.md and README promise real multi-platform searching via platform APIs while the implementation returns simulated/mock results and placeholder API URLs — the capability is overstated compared to the actual code.
!
Instruction Scope
SKILL.md instructs running scripts/config.py and scripts/get_link.py, but the repository only contains scripts/search.py. Although search.py implements a 'config' subcommand, the documentation and examples are inconsistent about which files exist and how to run them. The instructions do not ask for unrelated environment variables or exfiltrate data, but the mismatch between docs and files is a practical risk (user may run non-existent commands or be misled about functionality).
Install Mechanism
No install spec and no external downloads — this is instruction-only plus a local script. Nothing will be automatically fetched or executed during install, minimizing supply-chain risk.
Credentials
The skill requests no environment variables or external credentials. Affiliate IDs are stored in a local config file (config/affiliate_config.json). The level of access requested is proportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request system-wide privileges. It writes and reads a local config file in the project's config/ directory — expected for storing affiliate IDs and normal for this kind of tool.
What to consider before installing
Before installing, consider the following: - The repository contains scripts/search.py which implements config and search behavior, but the SKILL.md references scripts (scripts/config.py and scripts/get_link.py) that are not present — expect documentation/code mismatches. - The code returns simulated/mock search results and builds affiliate links from configured IDs; it does not actually call platform search APIs. If you need real-time, accurate searches you should verify/implement real API integrations. - The tool stores affiliate IDs in config/affiliate_config.json on disk. Review that file and treat any stored IDs like sensitive tokens if you reuse them elsewhere. - Because the docs overstate capabilities, test the skill in a sandboxed environment first and inspect the config file and output URLs to ensure they behave as you expect and comply with affiliate program rules. - If you expect automatic activation in conversational flows, confirm your agent's autonomous-invocation settings and whether you want the agent to call this skill when users mention purchases or searches. If you want, I can (1) point out the exact lines where the docs and code diverge, (2) suggest a minimal patch to make the docs accurate, or (3) propose changes to implement real API calls for one platform so behavior matches the description.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛒 Clawdis
latestvk9711b8ajh9csnxtprhavxa96d834tp5
225downloads
0stars
1versions
Updated 16h ago
v1.0.0
MIT-0
@mi426878
latest
Download

🛒 全球购物搜索联盟工具

一键搜索全球主流电商平台商品,自动注入推荐码,赚取佣金收入!

✨ 核心功能

平台状态佣金模式
淘宝淘宝客
京东京粉
拼多多多多进宝
亚马逊Amazon Associates
1688阿里妈妈

💰 赚钱方式

用户搜索商品 → 返回带推荐码链接 → 用户购买 → 你获得佣金

佣金比例

  • 淘宝:1-50%
  • 京东:1-30%
  • 拼多多:5-50%
  • 亚马逊:1-10%

🚀 使用方法

1. 配置推荐码

# 设置淘宝客PID
python3 scripts/config.py --taobao "mm_xxxxx"

# 设置京东联盟ID
python3 scripts/config.py --jd "xxxxx"

# 设置亚马逊联盟ID
python3 scripts/config.py --amazon "xxxxx-20"

2. 搜索商品

# 搜索淘宝
python3 scripts/search.py "男士T恤" --platform taobao

# 搜索京东
python3 scripts/search.py "iPhone手机壳" --platform jd

# 搜索亚马逊
python3 scripts/search.py "wireless earbuds" --platform amazon

# 全平台搜索
python3 scripts/search.py "蓝牙耳机" --all

3. 获取带佣金的链接

python3 scripts/get_link.py --url "商品链接" --platform taobao

📝 示例

用户: 帮我搜索淘宝上的男士T恤
Agent: 正在搜索淘宝...

搜索结果(已注入推荐码):

1. 纯棉男士T恤夏季薄款
   价格: ¥59.00
   销量: 5万+
   推荐链接: https://s.click.taobao.com/xxx
   
2. 复古港风男士短袖T恤
   价格: ¥89.00
   销量: 3万+
   推荐链接: https://s.click.taobao.com/yyy
   
...

💰 预计佣金: ¥5-15/件

🔧 配置文件

{
  "taobao": {
    "pid": "mm_xxxxx_xxxxx_xxxxx",
    "enabled": true
  },
  "jd": {
    "union_id": "xxxxx",
    "enabled": true
  },
  "pdd": {
    "pid": "xxxxx",
    "enabled": true
  },
  "amazon": {
    "associate_id": "xxxxx-20",
    "enabled": true
  }
}

🎯 最佳实践

  1. 选择高佣金商品 - 优先推荐佣金比例高的商品
  2. 热门商品 - 选择销量高的爆款
  3. 多平台对比 - 给用户提供价格对比
  4. 优质内容 - 配合推荐理由增加转化

⚠️ 注意事项

  • 需要先注册各平台联盟账号
  • 推荐码需要定期更新
  • 遵守平台推广规则
  • 真实推荐,不夸大宣传

📊 预期收入

使用频率月收入预估
偶尔使用¥100-500
每日使用¥500-2000
高频使用¥2000-10000+

开始赚钱:配置你的推荐码,搜索商品,分享链接! 💰

Comments

Loading comments...