← Back to Skills Marketplace
xingke2023

ClawMart 我的AI店铺

by Xiaobing Mi · GitHub ↗ · v2.0.0 · MIT-0
cross-platform ✓ Security Clean
81
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install clawmart-cn
Description
Manage a ClawMart CN store via the backend API. Use this skill whenever the user wants to: register a new ClawMart account, log in to their ClawMart store ac...
README (SKILL.md)

ClawMart Store Manager

Help the user manage their ClawMart CN store through the backend API. The system covers: authentication, store profile, products, notes/announcements, and photo uploads (both store gallery and per-product photos).

API Base URL

Default: https://www.clawmart.cn/api

If the user is running a self-hosted instance, ask them for their API URL. Set a shell variable for reuse:

API="https://www.clawmart.cn/api"  # or the user's own instance URL

Step 1 — Authentication / Registration

Every protected endpoint requires Authorization: Bearer \x3Ctoken>.

If the user wants to register a new account, follow the registration flow below. Otherwise jump straight to Login.

Registration flow

Ask the user interactively (one question at a time):

  1. 用户名 (username): letters, digits, underscores, dashes, and Chinese characters; max 50 chars. Uniqueness is enforced by the server.
  2. 密码 (password): at least 8 characters.
  3. Confirm password (repeat the same value as password_confirmation).

Then register:

curl -s -X POST "$API/register" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "username": "CHOSEN_USERNAME",
    "password": "CHOSEN_PASSWORD",
    "password_confirmation": "CHOSEN_PASSWORD"
  }'

Response:

{"message":"User registered successfully","token":"2|xyz...","user":{"id":5,"username":"...","is_seller":false,...}}

Save the token, then automatically call become-seller to create the seller account and an initial store profile:

TOKEN="TOKEN_VALUE_FROM_RESPONSE"
echo -n "$TOKEN" > /tmp/clawmart_token.txt

curl -s -X POST "$API/become-seller" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Now ask for the store name:

"请问您的店铺叫什么名字?"

Then set it:

curl -s -X PUT "$API/my-store" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"shop_name": "USER_CHOSEN_NAME"}'

Confirm success: "✅ 注册完成!店铺「USER_CHOSEN_NAME」已创建,欢迎使用 ClawMart。"

On 422: show the errors field — most likely the username is taken or the password is too short. Ask the user to pick a different value and retry.

Login

Login uses username (not email):

curl -s -X POST "$API/login" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD"}'

Response:

{"message":"Login successful","token":"1|abc...","user":{"id":1,"is_seller":true,...}}

Save the token for reuse:

echo -n "TOKEN_VALUE" > /tmp/clawmart_token.txt
TOKEN=$(cat /tmp/clawmart_token.txt)

Demo credentials (development only): username=demo, password=password

The user must have is_seller: true. If is_seller is false, call:

curl -s -X POST "$API/become-seller" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

On 401 responses: delete the token file and re-authenticate. On 403 responses: the user is not a seller — call /become-seller. On 422 responses: show the errors field so the user can fix their input.

Step 2 — Store Profile

Fetch store profile (auto-creates on first call for sellers):

curl -s "$API/my-store" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Update profile:

curl -s -X PUT "$API/my-store" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "shop_name": "My Shop",
    "description": "Fresh produce daily",
    "contact_phone": "138xxxxxxxx",
    "address": "北京市朝阳区XX路1号",
    "business_hours": "09:00-21:00",
    "tags": ["生鲜", "有机"],
    "store_type": "retail",
    "is_public": true
  }'

store_type options: restaurant | retail | service | general | hotel

Step 3 — Products

List products

curl -s "$API/my-store/products" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Create product

curl -s -X POST "$API/my-store/products" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "name": "有机苹果",
    "price": 18.8,
    "stock": 500,
    "unit": "斤",
    "description": "山东烟台产,无农药,直接批发价",
    "is_active": true
  }'

Update product

curl -s -X PUT "$API/my-store/products/{id}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"price": 15.5, "stock": 300}'

Delete product

curl -s -X DELETE "$API/my-store/products/{id}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Step 4 — Store Notes / Announcements

Note type values: discount | announcement | inventory | event | other

List notes

curl -s "$API/my-store/notes" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Create note

curl -s -X POST "$API/my-store/notes" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "type": "discount",
    "title": "周末特惠",
    "content": "本周六日全场8折,欢迎光临!",
    "valid_from": "2026-04-19",
    "valid_until": "2026-04-20",
    "is_active": true
  }'

Update note

curl -s -X PUT "$API/my-store/notes/{id}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"is_active": false}'

Delete note

curl -s -X DELETE "$API/my-store/notes/{id}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Step 5 — Photo Uploads

Photos are uploaded as multipart/form-data. Max size: 5MB per image.

Before uploading, verify the file exists and is within size:

ls -lh /path/to/image.jpg

Store gallery photos

category options: environment | menu | products | video

# Upload store gallery photo
curl -s -X POST "$API/my-store/photos" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json" \
  -F "image=@/path/to/photo.jpg" \
  -F "caption=店内环境" \
  -F "category=environment"

# Reorder gallery (pass ordered array of photo IDs)
curl -s -X PUT "$API/my-store/photos/reorder" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"ids": [3, 1, 2]}'

# Delete gallery photo
curl -s -X DELETE "$API/my-store/photos/{id}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Product photos

The first photo uploaded for a product automatically becomes its primary image (shown in product listings). Subsequent uploads go into the gallery.

# Upload product photo
curl -s -X POST "$API/my-store/products/{productId}/photos" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json" \
  -F "image=@/path/to/product.jpg" \
  -F "caption=正面图"

# Promote a photo to primary
curl -s -X PUT "$API/my-store/product-photos/{photoId}/primary" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

# Delete product photo (next photo auto-promotes to primary if needed)
curl -s -X DELETE "$API/my-store/product-photos/{photoId}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

Response handling

  • Success: look for the data key (or message for deletes). Print key fields (id, name, url) to confirm the operation.
  • 401: token expired → delete /tmp/clawmart_token.txt and re-login.
  • 403: not a seller → call POST $API/become-seller.
  • 422: validation error → show errors to the user for correction.

Booking management (optional)

# List bookings (optional ?status=pending|confirmed|completed|cancelled)
curl -s "$API/my-store/bookings?status=pending" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Accept: application/json"

# Update booking status
curl -s -X PUT "$API/my-store/bookings/{id}/status" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{"status": "confirmed"}'
Usage Guidance
This skill appears to do what it says: it will ask you for usernames/passwords and call the ClawMart API with curl, saving the returned token to /tmp/clawmart_token.txt for reuse. Before installing: (1) confirm the API base URL is the official ClawMart domain you expect (or explicitly provide your self-hosted URL); (2) avoid using highly privileged credentials if you can — use a dedicated seller account; (3) be aware the session token is stored in /tmp (not encrypted) and could be read by other local processes — if that is a concern, request the skill be changed to store tokens in a more secure location; (4) confirm whether your environment requires the eval/test behavior (the evals.json expects reading a frontend .env file) — if so, ask the skill author to document that explicitly. Overall this skill is internally consistent and not requesting unrelated permissions.
Capability Analysis
Type: OpenClaw Skill Name: clawmart-cn Version: 2.0.0 The skill bundle provides a legitimate interface for managing a 'ClawMart' e-commerce store via its backend API (www.clawmart.cn). It includes standard operations for authentication, product management, and media uploads using curl commands. The use of /tmp/clawmart_token.txt for session persistence and the request for user credentials are consistent with the stated purpose of a store management tool, with no evidence of malicious intent or unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
The name/description match the instructions: register, login, manage store/products/notes/photos via the ClawMart backend API. No unrelated environment variables, binaries, or installs are requested. Note: the included evals.json contains an assertion about reading NEXT_PUBLIC_API_URL from frontend/.env.local, but SKILL.md does not instruct reading that file — this is an internal mismatch between the test/eval expectations and the runtime instructions (not necessarily malicious, but worth confirming).
Instruction Scope
The SKILL.md confines itself to prompting the user for inputs and calling the documented API endpoints with curl. It does write and read a token to /tmp/clawmart_token.txt for reuse; otherwise it does not instruct reading arbitrary system files or contacting other endpoints. As a minor concern, storing tokens in /tmp is insecure (other local processes may access it); the skill does not encrypt or limit token storage.
Install Mechanism
Instruction-only skill with no install steps and no code files — lowest-risk install footprint.
Credentials
The skill does not request environment variables, keys, or secrets beyond the session token it obtains by authenticating to the ClawMart API. There are no unrelated credentials requested. (Again, the evals.json expectation to read a frontend .env file is not reflected in SKILL.md; confirm whether that is required in your environment.)
Persistence & Privilege
The skill does write a token file to /tmp for reuse and can be invoked autonomously (default). It does not request 'always: true' or modify other skills. Consider the risk that a token stored in /tmp may be accessible to other local users/processes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install clawmart-cn
  3. After installation, invoke the skill by name or use /clawmart-cn
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Initial release
v1.0.2
Remove hardcoded local paths; use https://www.clawmart.cn/api as default API URL
v1.0.1
Update name
v1.0.0
Initial release
Metadata
Slug clawmart-cn
Version 2.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is ClawMart 我的AI店铺?

Manage a ClawMart CN store via the backend API. Use this skill whenever the user wants to: register a new ClawMart account, log in to their ClawMart store ac... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.

How do I install ClawMart 我的AI店铺?

Run "/install clawmart-cn" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawMart 我的AI店铺 free?

Yes, ClawMart 我的AI店铺 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ClawMart 我的AI店铺 support?

ClawMart 我的AI店铺 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ClawMart 我的AI店铺?

It is built and maintained by Xiaobing Mi (@xingke2023); the current version is v2.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments