ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shopflow Read-only Packet

v1.0.0

Guides installation and connection to Shopflow's local MCP server for read-only submission readiness checks without live store claims.

0· 40·0 current·0 all-time
byYifeng[Terry] Yu@xiaojiou176
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the instructions: the packet teaches how to attach and inspect a local Shopflow MCP read-only surface. However, the manifest declares no required binaries while the instructions implicitly require git, Node.js (pnpm), and a working pnpm toolchain — a mismatch that should be fixed in metadata.
Instruction Scope
SKILL.md stays within the stated purpose (clone the Shopflow repo, start the read-only MCP, run verification commands, and report capability/readiness). It does instruct the host to run pnpm install and pnpm mcp:stdio against a remote GitHub repo, which will execute code fetched from that repo and its npm dependencies — expected for this purpose but a real safety consideration (inspect the repo/package scripts before running on sensitive hosts).
Install Mechanism
There is no install spec (instruction-only), which is low-risk for the skill package itself. But the runtime instructions pull code and dependencies via git and pnpm from an external GitHub repository and npm registry; that network fetch is normal for this workflow but carries the usual risks of running upstream code.
Credentials
The skill requests no environment variables, no credentials, and no config paths beyond a repo path placeholder. Nothing asks for unrelated secrets or system credentials.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges, nor does it attempt to modify other skills' configs. It is user-invocable and can be invoked autonomously by the agent (platform default).
Assessment
This packet appears to do what it says: it teaches how to attach a local, read-only Shopflow MCP server. Before you run anything, do the following: (1) add/confirm required binaries in the manifest (git, Node.js, and pnpm) so metadata matches behavior; (2) review the GitHub repo (https://github.com/xiaojiou176-open/shopflow-suite.git) and package.json/scripts to ensure you trust what pnpm install and pnpm mcp:stdio will run; (3) run installs and the MCP server in a sandbox or isolated environment (not on a production host) if you have any doubt; (4) prefer to clone the repo locally and inspect files before executing; and (5) note this skill does not request credentials, but running third‑party installs will contact npm/GitHub and fetch remote code — treat that as the main risk. If you want higher assurance, ask the skill author to declare required binaries in manifest and to provide checksums or an official release URL for the referenced repo.

Like a lobster shell, security has layers — review code before you run it.

distributionvk97ctp9897wp5dp60r9tj0b3cs84gyhrlatestvk97ctp9897wp5dp60r9tj0b3cs84gyhrmcpvk97ctp9897wp5dp60r9tj0b3cs84gyhrpacketvk97ctp9897wp5dp60r9tj0b3cs84gyhrread-onlyvk97ctp9897wp5dp60r9tj0b3cs84gyhrshopflowvk97ctp9897wp5dp60r9tj0b3cs84gyhr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments