← Back to Skills Marketplace
moodykong

Secure Shopper

by Zhihao · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
492
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install secure-shopper
Description
Asynchronous shopping research + checkout using secure-autofill (1Password-backed browser filling) with results recorded to workspace artifacts.
Usage Guidance
This skill appears to do what it says (shop, use secure-autofill, save results) but has packaging and disclosure issues you should address before installing. Specifically: - The helper scripts write artifacts to a hard-coded path (/home/miles/.openclaw/workspace/...), which reveals a user-specific path and will not work correctly for other users — ask the author to make this path configurable or relative to the current agent/workspace. - The SKILL.md depends on a separate secure-autofill skill and mentions gateway environment variables (and a non-headless Chrome) but the manifest declares no required env vars or config paths; confirm what secrets or environment variables secure-autofill actually needs and whether those will be present and limited in scope. - The skill uses vault_suggest/vault_fill to access credentials via secure-autofill. Verify you trust the secure-autofill implementation and understand which credentials it will expose and under what conditions (ensure explicit user confirmation before any checkout or purchase action). - Because the skill spawns sub-agents that browse and can log in, test it in a safe/isolated environment (or with test accounts) first to confirm it respects the stated 'accept/deny' gate and doesn't place orders autonomously. If you plan to use it: require the author to (1) remove hard-coded paths or make them configurable, (2) declare required env vars/config paths in the skill manifest, (3) document exactly what secure-autofill vault operations occur, and (4) provide a reproducible way to run onboarding that does not assume a specific home directory. If those changes are not made, treat installation as higher risk.
Capability Analysis
Type: OpenClaw Skill Name: secure-shopper Version: 0.1.0 The skill bundle is designed for asynchronous shopping and checkout, leveraging a 'secure-autofill' skill for sensitive operations. The `SKILL.md` provides clear instructions for the AI agent, including explicit guardrails such as 'Never paste secrets' and mandatory user confirmation for checkout, mitigating prompt injection risks. The JavaScript utilities (`onboard.mjs`, `task_io.mjs`) perform file I/O strictly within the skill's configuration directory and a designated workspace artifact directory (`/home/miles/.openclaw/workspace/artifacts/secure_shopping/`), using `path.join` to prevent path traversal. There is no evidence of intentional malicious behavior, data exfiltration, unauthorized execution, or persistence mechanisms.
Capability Assessment
Purpose & Capability
The skill's name/description (shopping + 1Password-backed autofill) align with its instructions and helper scripts that browse sites, use vault_suggest/vault_fill, and record candidates. However, the packaging omits explicit declarations for the secure-autofill prerequisites (gateway env vars, non-headless Chrome) and the scripts write to a hard-coded path (/home/miles/.openclaw/workspace/...) which does not match the skill metadata (requires no config paths). The hard-coded home directory is disproportionate to a portable skill and may not be appropriate for other users or environments.
Instruction Scope
Runtime instructions direct the agent to spawn sub-agents, run browser snapshots, and call external helper tools (vault_suggest/vault_fill) to fill credentials. The SKILL.md also mandates writing task artifacts to a specific filesystem location. The instructions assume the presence of secure-autofill and gateway env vars that are not declared in the skill manifest. While the skill claims a hard gate (require user accept/deny before checkout), the capability to log in and initiate checkout via secure-autofill means sensitive credentials and shopping actions could be used — the instructions should explicitly enumerate what secrets and confirmations are required.
Install Mechanism
There is no install spec (instruction-only with small helper scripts). This is low-risk from an installer perspective because no remote downloads or archive extraction occur.
Credentials
The manifest lists no required env vars or config paths, but the SKILL.md explicitly depends on the secure-autofill skill which itself requires gateway env vars and a working non-headless Chrome. The discrepancy (no declared credentials yet runtime use of vault_fill) is a proportionality mismatch: the skill enables use of secrets (via another skill) without declaring them or documenting the required scope. The hard-coded workspace path embeds a specific user identity (miles), which is not justified by the stated purpose and reduces portability/privacy.
Persistence & Privilege
always:false and normal autonomous invocation are fine. The skill writes artifacts to disk under its artifact directory (but with a hard-coded absolute path). It does not request system-wide configuration changes or alter other skills. Spawning sub-agents is part of its advertised behavior; combined with the vault-based autofill capability this increases the blast radius if sub-agents are allowed to act without strict user confirmation, though the SKILL.md states a hard accept/deny gate before checkout.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install secure-shopper
  3. After installation, invoke the skill by name or use /secure-shopper
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial public release
Metadata
Slug secure-shopper
Version 0.1.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Secure Shopper?

Asynchronous shopping research + checkout using secure-autofill (1Password-backed browser filling) with results recorded to workspace artifacts. It is an AI Agent Skill for Claude Code / OpenClaw, with 492 downloads so far.

How do I install Secure Shopper?

Run "/install secure-shopper" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Secure Shopper free?

Yes, Secure Shopper is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Secure Shopper support?

Secure Shopper is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Secure Shopper?

It is built and maintained by Zhihao (@moodykong); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments