Lobstersearch
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is a coherent hosted shopping connector, but it exposes real order, cancellation, refund, and customer-data flows without clearly documented approval or authentication boundaries.
Install only if you want your agent to interact with a real shopping and payments service. Keep tool-call approval on, confirm every create_order, confirm_order, and cancel_order action yourself, verify Stripe payment links before paying, treat order IDs as private, and avoid sharing unnecessary personal details in order notes.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1: Unapproved commerce actions
An agent could reserve items, start checkout flows, or cancel/refund an order when the user did not intend that action, especially if tool approval is not enforced by the client.
The tool schema exposes write actions that affect real commerce state: reserving stock, generating payment links, and initiating refunds. These actions are purpose-aligned, but the artifacts do not clearly require human approval before an agent invokes them.
Evidence: "create_order" ... "stock reserved" ... "confirm_order" ... "generate a Stripe Checkout payment link" ... "cancel_order" ... "refund will be automatically initiated"
Recommendation: Keep per-tool approval enabled and require explicit user confirmation before create_order, confirm_order, or cancel_order. Verify merchant, items, price, customer details, and the Stripe checkout URL before proceeding.

Finding 2: No documented ownership check on order operations
The artifacts show no ownership check that would prevent status lookup or cancellation/refund actions if an order ID is exposed or guessed.
The public MCP schema documents no authentication and shows order cancellation keyed only by order_id. Backend safeguards may exist, but they are not described in the provided artifacts.
Evidence: "authentication": "none" ... "cancel_order" ... "required": ["order_id"]
Recommendation: Treat order IDs as sensitive. The provider should document or add authentication, scoped order tokens, or user-verification checks for order status, cancellation, and refund operations.

Finding 3: Customer data sent to a hosted service
Names, email addresses, and order notes may be processed by the hosted service and possibly shared with the merchant or notification providers.
Order creation can send customer contact details and notes to the hosted LobsterSearch MCP service. This is expected for commerce, but it is still a sensitive external data flow.
Evidence: "endpoint": "https://mcp.lobstersearch.ai/mcp" ... "customer_email" ... "customer_name" ... "customer_notes"
Recommendation: Only provide the personal information needed for the order, avoid sensitive content in customer_notes, and review the service’s privacy practices before use.

Finding 4: Provider-supplied next_actions can steer the agent
The agent may be steered through a shopping flow by provider-supplied next_actions, which could include moving from browsing to ordering.
The remote service is designed to return suggested next steps for the agent. This is disclosed and purpose-aligned, but those suggestions should not be treated as authorization for purchases or cancellations.
Evidence: "Every response includes `next_actions` — the agent always knows what to do next" ... "Always reference `next_actions` in responses to guide the conversation"
Recommendation: Use next_actions as suggestions only, and require the user’s explicit confirmation before any order, payment, or cancellation step.
