Security audit

Shopify Runtime

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Shopify admin scripting tool; it is powerful, but the sensitive access is coherent with its stated purpose.

Install this only if you intend to give OpenClaw direct Shopify Admin API access to the configured store. Use a dedicated least-privilege Shopify app, keep read mode as the default, review generated write scripts before running them, and avoid returning broad customer or order payloads unless necessary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (92% confidence)

Finding: The provider records full HTTP response metadata and bodies for every Shopify request in rawResponses, which can include orders, customers, protected customer data, and other sensitive admin API results. In a runtime skill that grants direct store access, retaining these raw payloads expands the exposure surface to downstream logs, debugging UIs, memory inspection, or other components that were not meant to receive full store data.

Missing User Warnings

Medium (91% confidence)

Finding: This file exposes an `execute` command that accepts `--mode write` and forwards arbitrary JavaScript to the Shopify runtime with no confirmation, policy gate, or additional safeguard in this layer. In the context of a skill explicitly designed for direct store runtime access, this materially increases the chance of accidental or unauthorized destructive actions against a live Shopify store if the command is invoked with write access.

VirusTotal

66/66 vendors flagged this skill as clean.