Hyderabad Shopper
Advisory
Audited by VirusTotal on Mar 30, 2026.
Overview
Type: OpenClaw Skill
Name: hyderabad-shopper
Version: 1.0.0
The skill is a shopping assistant designed to find prices for products in Hyderabad (Pincode 500081). It contains clear instructions for the agent to search specific platforms (Blinkit, Zepto, Swiggy) and includes strong safety protocols, such as mandatory human-in-the-loop (HITL) approval and pausing execution before any payment is made. No malicious code, data exfiltration, or unauthorized execution patterns were identified in SKILL.md or _meta.json.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may install it expecting only price comparison, while the agent may proceed into cart/checkout workflows and transmit checkout details.
The user-facing description frames the skill as price lookup, while the detailed instructions include checkout and external messaging behavior.
description: "Finds lowest prices for Pincode 500081 without freezing." ... "add the item to the cart, navigate to the final payment screen" ... "Send a screenshot of the checkout page to the user via Telegram."
Update the description and metadata to clearly disclose checkout and Telegram behavior, and require explicit user approval before those steps.
The agent could change shopping carts or reach checkout pages in the user's accounts before all details are verified.
Adding items to cart and navigating checkout can rely on logged-in shopping sessions and modifies account/cart state; the skill does not define which accounts, quantities, sellers, or reversal steps are allowed.
If the user selects an item to buy, open ONE tab, add the item to the cart, navigate to the final payment screen, and **PAUSE**.
Require a separate confirmation before cart/checkout actions, show product, seller, quantity, fees, and platform, and avoid using saved account sessions unless the user explicitly agrees.
Sensitive checkout information could be sent to the wrong Telegram chat or exposed through an external messaging channel.
Checkout screenshots can contain order, delivery, account, and payment-context details, but the Telegram recipient, authorization, and redaction rules are not specified.
Send a screenshot of the checkout page to the user via Telegram.
Ask for explicit consent and recipient confirmation before sending anything through Telegram, and redact sensitive details from screenshots where possible.
The exact location may be available to the agent or anyone reviewing the skill, and could be reused in future shopping context.
A specific address is embedded in persistent skill metadata, even though the operational instructions only require the pincode.
metadata: address: "102 Saboori Enclave Whitefields" pincode: "500081" location: "Hyderabad"
Remove the exact address unless it is necessary, and keep only the pincode or ask the user for delivery details at runtime.
