china-shopping-oracle
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent price-comparison skill with no included code, but it does use your logged-in shopping browser sessions to read account-specific prices.
Before installing, be aware that this skill works best when your browser is already logged into Taobao, JD, or Pinduoduo. That is reasonable for member-price checks, but supervise the browser session and avoid letting the agent perform purchases or account changes.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may view logged-in shopping pages and account-specific prices while comparing products.
The skill directs the agent to use the user's already-logged-in browser session for shopping sites, which is expected for member pricing but gives the agent access to account-specific pages and prices.
使用浏览器工具进行搜索。自动继承用户浏览器会话,无需手动登录。
Use a dedicated browser profile if possible, stay in interactive mode, and do not approve any cart, checkout, or account-management actions unless you explicitly intend them.