v1.0.1

Etsy Autolist

SuspiciousClawScan verdict for this skill. Analyzed Apr 30, 2026, 1:18 PM.

Analysis

This skill asks for Etsy OAuth/API secrets and changes your shop, but it creates hard-coded listings, references a missing OAuth helper, and does not match its stated file-based autolisting purpose.

Guidance: Do not connect this skill to a real Etsy shop until you have reviewed and edited the hard-coded listings, verified the missing OAuth helper issue is resolved, and confirmed exactly what permissions the Etsy token grants. If testing, use a separate shop or limited token, inspect created drafts before publishing, and revoke credentials afterward.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Products - Options Trading Brain PDF — $27
- DeFi Sniper Setup Guide — $37
- Smart Contract Audit Checklist — $47

The runtime instructions predefine specific listings to create, which can redirect the agent from the user's own product files or listing goals to these fixed products.

User impact: The skill may create Etsy drafts for products you did not intend to sell.
Recommendation: Do not run it until the listing content is explicitly user-provided or reviewed and confirmed before creation.
Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
scripts/create_listings.py
requests.post(f"{BASE_URL}/applications/shops/{ETSY_SHOP_ID}/listings", headers=get_headers(), json=payload, timeout=15)

The script uses the user's Etsy OAuth credentials to mutate a third-party shop by creating listings, with no artifact evidence of per-item approval, dry-run mode, rollback, or scope limiting before the POST.

User impact: Running the script can create persistent listings in your Etsy account, even if they remain drafts.
Recommendation: Use only with a test shop or throwaway token until the script has explicit confirmations, a dry-run mode, and clear limits on what it will create.
Agentic Supply Chain Vulnerabilities
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Run: python scripts/oauth_helper.py

The instructions require an OAuth helper, but the provided manifest contains only SKILL.md and scripts/create_listings.py. This creates a provenance gap around code that would handle sensitive OAuth credentials.

User impact: You may be pushed to find or run an unprovided helper script to obtain an access token, which could expose credentials.
Recommendation: Do not run any missing or externally sourced OAuth helper unless its source is supplied, reviewed, and matches the declared credential flow.
Cascading Failures
Severity: Low; Confidence: High; Status: Note
scripts/create_listings.py
for listing in LISTINGS:
    lid = create_listing(listing)

One run creates every hard-coded listing, and the code shows no idempotency check or rollback. The listings are drafts, which reduces immediate public impact, but repeated runs can still accumulate unwanted shop changes.

User impact: A mistaken or repeated run could create multiple unwanted draft listings in your Etsy shop.
Recommendation: Add a dry-run mode, duplicate detection, and a confirmation step before each listing is created.
Human-Agent Trust Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
Creates listings from existing digital product files (PDFs, templates, spreadsheets)

The supplied script does not read existing product files; it creates hard-coded finance/crypto/trading listings. This mismatch can mislead users about what the skill will do.

User impact: You may trust the skill to list your own files, but it can instead create unrelated preset product drafts in your shop.
Recommendation: Require transparent input handling, remove hard-coded listings, and review all listing titles/descriptions before granting account access.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
SKILL.md
Save as secrets: `ETSY_CLIENT_KEY` and `ETSY_CLIENT_SECRET` ... Save as secret: `ETSY_SHOP_ID`

The skill asks for sensitive Etsy app credentials and shop identity, plus OAuth setup, while the registry metadata declares no required env vars or primary credential. Those credentials can authorize shop changes.

User impact: You may grant the skill authority over your Etsy shop without the credential requirement being clearly declared in the package metadata.
Recommendation: Provide only least-privilege credentials where possible, revoke tokens after testing, and require the skill metadata to declare all required secrets and account permissions.