Skill v1.0.0

ClawScan security

amazon-to-shopify-sync · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 6, 2026, 8:55 AM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill claims to sync Amazon listings to Shopify, but the package embeds hardcoded Shopify credentials, contains configuration inconsistencies (no declared env but secrets in code, mismatched domains), and the runtime instructions/code don't fully match the stated behavior.
Guidance
Do not install or run this skill as-is. Key issues: (1) the script contains hardcoded Shopify credentials (CLIENT_ID and CLIENT_SECRET) — this is sensitive and unexpected given the skill declares no required env vars; (2) SKILL.md and code are inconsistent (claims to extract from Amazon but the script lacks scraping/fetch logic and contains static product text); (3) the OAuth flow used (client_credentials) and the presence of two domains (dinoho.myshopify.com and dinoho.cn) are unexplained. Before using: ask the publisher to remove embedded secrets and declare required environment variables; require that auth use a documented, secure OAuth flow and that credentials belong to you; verify which domain/store the skill will access; review and test in a sandbox store; rotate any exposed credentials that might be real. If you need this functionality, prefer a version that accepts credentials via environment/config and clearly documents its Amazon scraping and Shopify API calls.

Review Dimensions

Purpose & Capability
concern: The name/description say 'extract from Amazon and sync to Shopify' and to manage credentials via environment/scripts, but the code hardcodes CLIENT_ID and CLIENT_SECRET. The SKILL.md references two domains (dinoho.myshopify.com and dinoho.cn), which is unexplained. The script provides mapping and a token request but no Amazon scraping/fetching logic and no actual POST to the Shopify products API — several pieces needed for the stated purpose are missing or inconsistent.
Instruction Scope
concern: SKILL.md instructs automatic token renewal and triggering on a provided Amazon URL, but the included script does not implement Amazon extraction and instead contains static product data/templates. The instructions ask for client_credentials grant usage (before every sync) — this OAuth flow is uncommon for Shopify and is not justified in the docs. The mismatch between the prose (manage keys in env) and actual code (hardcoded secrets) is a scope and trust concern.
Install Mechanism
ok: No install spec is provided (instruction-only with one script), so there is low install-time risk (nothing is downloaded or auto-executed beyond the included files). However, the contained script executes network calls (requests.post) and includes a secret; lack of an install step does not mitigate the hardcoded-credential risk.
Credentials
concern: Registry metadata declares no required env vars/credentials, yet the code contains a 32-char CLIENT_ID and a 'shpss_' secret-looking CLIENT_SECRET embedded in scripts/sync.py. That contradicts the declared requirements and is disproportionate: a syncing skill should request credentials for the target store (and ideally via env vars), not hardcode them. The presence of a plausible Shopify secret in source is a high-risk red flag.
Persistence & Privilege
ok: The skill is not marked always:true and does not request system-wide changes or modify other skills. It does perform network operations but does not request elevated platform persistence in its metadata.