Plugin v1.2.0

ClawScan security

Nexscope E-Commerce Tools · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 24, 2026, 6:19 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The plugin's documentation and declared requirements mostly match an e‑commerce analysis skill, but there are inconsistencies — notably an included src/index.ts extension and many example scripts referenced in SKILL.md that aren't present — which warrant code review before installing.
Guidance
This package largely looks like a legitimate bundle of e‑commerce skill docs, but there are two things to check before installing: (1) the repository includes a runtime extension (src/index.ts) that is not explained in the SKILL.md files — ask for or review the source of src/index.ts to confirm it only implements the documented tools and doesn't phone home, exfiltrate data, or access unexpected credentials; (2) many SKILL.md examples reference local Python scripts (e.g., scripts/monitor.py, scripts/detector.py) that do not appear in the file manifest — verify whether those scripts are intentionally omitted, generated at runtime, or expected to be provided by the user. Practical next steps: review the contents of src/index.ts (search for network endpoints, hard-coded URLs, env var access, eval/child_process usage), avoid entering any API keys or secrets until you understand how they are used, and if you can, run the plugin in an isolated/test environment (or sandbox) first. If you want, provide the src/index.ts contents and I can analyze it for suspicious network calls, credential access, or obfuscated behavior — that would raise confidence to high.

Review Dimensions

Purpose & Capability
note: The name, description, and SKILL.md content describe e‑commerce analysis (profit calc, keyword scoring, marketing, brand protection, etc.) and the declared config (optional apiKey) fits that purpose. However, the package includes a compiled/packaged runtime extension (src/index.ts referenced in package.json/openclaw.extensions) even though most documentation reads like instruction-only skills. That added code surface is not documented in SKILL.md and could implement behaviors beyond the prose, so the purpose vs. actual capability is not fully transparent.
Instruction Scope
concern: SKILL.md files instruct the agent to run web_search/web_fetch against external sites (expected for market research) and include example commands like python3 scripts/monitor.py, python3 scripts/detector.py, and npx skills add ... which imply local scripts. The manifest does not include a scripts/ directory or those Python scripts; only src/index.ts and SKILL.md files are present. References to local scripts that don't exist are inconsistent, and the SKILL.md grants the agent broad discretion to fetch and scrape competitor/product pages — expected, but still a privacy/network activity surface. Because runtime behavior may come from the included src/index.ts and that's not surfaced in the docs, this is a concern.
Install Mechanism
ok: There is no external install spec that downloads arbitrary archives or third‑party binaries; installation is via the OpenClaw plugin system (openclaw plugins install). package.json/openclaw.extensions points to a local src/index.ts extension. No external URLs or extract/install steps are used, which is lower risk than remote installers — but the local extension code must still be reviewed.
Credentials
ok: The plugin declares no required environment variables or primary credentials and marks an apiKey as optional in its config schema (sensitive = true). That is proportionate to the described features. There are no unexpected credential requests in the manifest or SKILL.md. Still: the optional apiKey is described as 'for future premium features' — do not supply real secrets until you review what the extension does with that key.
Persistence & Privilege
note: always: false (normal) and autonomous model invocation is allowed (the platform default). The plugin includes an extension (src/index.ts) that will be loaded by the gateway; because its behavior isn't documented in SKILL.md, this increases the effective privilege surface. The plugin does not request persistent system-wide configuration or claim to change other skills, which is good; nevertheless, runtime code review is recommended before enabling.