Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

icosmos shopify

v0.0.1

Shopify store operations/diagnostics skill: pulls store domains and tokens from Supabase, runs anomaly detection on storefront design, products, checkout and metrics, and supports publishing traffic-driving blog posts (the only write operation).

by 王新勇 (Tacey Wong) @taceywong · duplicate of @taceywong/icosmos
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill description says it pulls shop domains and tokens from Supabase and performs diagnostics (read-only) with a single write action (publish blog). However the registry metadata declares no required environment variables or primary credential, while SKILL.md requires ICOSMOS_USER_EMAIL and ICOSMOS_USER_PASSWORD and references a local CLI ('icosmos-shopify'). This mismatch suggests the declared metadata does not match the runtime needs.
Instruction Scope
Runtime instructions direct the agent to sync tokens from Supabase into a local cache (sensitive operation) and to store ICOSMOS_USER_EMAIL/ICOSMOS_USER_PASSWORD as system environment variables. The doc also instructs use of a local 'icosmos-shopify' binary (not provided). Although it states most operations are read-only and only blog publish is a write requiring --confirm, the handling, storage, and transmission of shop/admin tokens and the unspecified Supabase access flow are not described and could enable exfiltration or misuse.
Install Mechanism
There is no install spec and no code/binaries included. Yet SKILL.md expects a CLI named 'icosmos-shopify' in the current directory. That missing artifact is an incoherence: either the skill assumes an out-of-band install or the metadata is incomplete. Lack of an install spec reduces immediate execution risk but increases ambiguity about where the binary would come from.
Credentials
SKILL.md requires ICOSMOS_USER_EMAIL and ICOSMOS_USER_PASSWORD (to be saved as environment variables) and will read/store Shopify tokens from Supabase. The registry metadata lists no required env vars. Sensitive variables are requested without clear justification for their scope, how they are protected, or why Supabase access credentials (or connection info) are not declared. This is disproportionate and under-specified.
Persistence & Privilege
The skill's always flag is false (normal) and the skill can be invoked autonomously (platform default). The doc says tokens are cached locally and environment variables are stored: this grants persistence on the host but does not request platform-wide privileges. Still, persistent local storage of admin tokens should be treated as a risk unless you verify the storage protections.
What to consider before installing
Do not install or run this skill until the author clarifies several points:
(1) provide accurate registry metadata listing the required env vars and credentials (ICOSMOS_USER_EMAIL/ICOSMOS_USER_PASSWORD and any Supabase connection info),
(2) explain exactly how Supabase is accessed and which credentials/URLs are needed,
(3) supply or point to the 'icosmos-shopify' binary source and its install instructions,
(4) confirm where shop/admin tokens are stored (local cache path, encryption, retention),
(5) ensure least-privilege Shopify tokens (read-only scopes) are used, and verify the blog-publish flow and its audit/logging, and
(6) avoid setting permanent system-wide environment variables for secrets; prefer ephemeral secrets or a secure secret store.
If you must test now, run in an isolated environment, inspect the binary/source first, and do not expose full admin tokens or production credentials until you have verified the behavior.


