Xianyu Sam Order

v1.0.1

闲鱼山姆代下单 - 配置你自己的账号

⭐ 0· 480·0 current·0 all-time

by@sxliuyu

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sxliuyu/xianyu-sam-order.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Xianyu Sam Order" (sxliuyu/xianyu-sam-order) from ClawHub.
Skill page: https://clawhub.ai/sxliuyu/xianyu-sam-order
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install xianyu-sam-order

ClawHub CLI

Package manager switcher

npx clawhub@latest install xianyu-sam-order

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill's purpose (assist with Xianyu/Sam orders) matches the included helper script which only checks environment variables and prints instructions. However the registry metadata declares no required environment variables, while the runtime instructions explicitly ask the user to populate XIANYU_COOKIE and SAM_PHONE. That metadata/instruction mismatch is inconsistent.

ℹ

Instruction Scope

SKILL.md stays within the stated purpose (login guidance, manual/optional automation). It tells users to store their cookie and phone in ~/.openclaw/workspace/.env and to take screenshots — it does not instruct the agent to read arbitrary system files or to send data to external endpoints. The instructions do encourage storing sensitive cookies in a local .env file, which is a security concern worth noting.

✓

Install Mechanism

No install spec and only a tiny local Python script are included, so there is no network-based installer or downloaded code to evaluate. This is low risk from an install-mechanism perspective.

Credentials

The skill asks users (in SKILL.md) to provide XIANYU_COOKIE and SAM_PHONE to enable optional automation. Requesting those two items is proportionate to optional auto-login, but the registry metadata does not declare them, and the guidance encourages storing a session cookie in a plain .env file in the workspace — which may expose sensitive session credentials if the file is not protected.

✓

Persistence & Privilege

The skill is not always-enabled and does not request special platform privileges. It does not attempt to modify other skills or system settings. Normal autonomous invocation is allowed (platform default).

What to consider before installing

Before installing or using this skill: (1) be cautious about placing session cookies in a plaintext ~/.openclaw/workspace/.env file — prefer the platform's secret storage or avoid providing cookies entirely; (2) note that the package metadata does not list the XIANYU_COOKIE or SAM_PHONE env vars even though the README asks you to set them — ask the author to fix this mismatch; (3) the included script only prints checks and help (it doesn't appear to exfiltrate data), but only provide sensitive credentials if you trust the skill/author and have verified how those credentials are used; (4) if you don't need automation, use the manual workflow to avoid sharing cookies.

Like a lobster shell, security has layers — review code before you run it.

latestvk975s90kj2ak56rsg3nms43czh832dj3

480downloads

0stars

2versions

Updated 3h ago

v1.0.1

MIT-0

闲鱼山姆代下单服务 🛒

登录自己的账号

山姆会员店

注册会员：微信搜"山姆会员商店"小程序
年费：260元/年
下单：在山姆APP/小程序下单

闲鱼

下载APP：闲鱼
登录：用淘宝账号登录
认证：实人认证后可以发布商品接单

配置自己的账号

在 ~/.openclaw/workspace/.env 配置：

# 你的淘宝/闲鱼Cookie（可选，用于自动登录）
XIANYU_COOKIE="你的Cookie"

# 你的山姆会员账号
SAM_PHONE="手机号"

自己下单流程

打开山姆APP → 选择商品 → 加入购物车
截图给我 → 我帮你查价格
你在山姆APP付款 → 选择配送地址
配送到家

常见问题

Q: 需要年费吗？ A: 山姆需要260元/年会员费

Q: 可以不使用自己的账号吗？ A: 可以帮别人代下单，需要对方提供山姆会员

Q: 配送范围？ A: 山姆配送一般在5-10公里内

Comments

Loading comments...