技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.1.0
统计:⭐ 6 · 1.8k · 1 current installs · 1 all-time installs
⭐ 6
安装量(当前) 1
🛡 VirusTotal :良性 · OpenClaw :可疑
Package:alhwyn/clawpify
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :可疑
OpenClaw 评估
The skill's instructions match Shopify GraphQL usage but it omits required credentials and relies on an ambiguous external tool (shopify_graphql / MCP server), creating a risk of misconfiguration or data exfiltration.
目的
The name/description claim full Shopify Admin GraphQL capabilities, but the skill declares no required credentials, no primaryEnv, and no config paths — yet interacting with the Shopify Admin API requires a shop domain and an admin API access token (or equivalent OAuth credentials). The dependency on a 'shopify_graphql' tool is the only mechanism shown to reach Shopify, but its provenance is unspecified. This mismatch between claimed capabilit…
说明范围
SKILL.md stays within the Shopify GraphQL domain: it provides queries/mutations, error-checking, pagination guidance, and explicit permission rules for destructive operations. It does not instruct reading arbitrary local files or unrelated environment state. However, it does not explain how credentials are supplied to the 'shopify_graphql' tool or how the tool handles requests/responses, which leaves an operational gap that affects security/pr…
安装机制
There is no install spec and no code files (instruction-only), which is low-risk in isolation. The notable item is the dependency listed: 'Tool: shopify_graphql (from MCP server or custom function)'. That indicates the skill expects either a remote managed component (MCP server) or a locally provided function; the remote option could route store data through an external server. The SKILL.md does not clarify whether traffic stays within the use…
证书
No environment variables or credentials are declared, despite the skill requiring access to sensitive store data (products, orders, customers, inventory, refunds, bulk exports). This is disproportionate: at minimum the store domain and an admin API token (or OAuth client/secret) are needed. The absence of declared secrets and the vague external tool both raise the possibility that credentials would be requested or routed at runtime in an ad-ho…
持久
The skill does not request persistent presence (always:false) and does not declare writes to agent/system configuration. Autonomous invocation is allowed (platform default). There is no explicit mechanism in the SKILL.md to persist credentials or modify other skills' settings.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Clawpify」。简介:Query and manage Shopify stores via GraphQL Admin API. Use for products, orders…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/alhwyn/clawpify/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: clawpify
description: Query and manage Shopify stores via GraphQL Admin API. Use for products, orders, customers, inventory, discounts, and all Shopify data operations.
dependencies:
- Tool: shopify_graphql (from MCP server or custom function)
---
# Shopify GraphQL Admin API
A comprehensive skill for interacting with Shopify's GraphQL Admin API. This skill enables Claude to query and manage all aspects of Shopify store data.
## When to Use This Skill
Use this skill when the user asks about:
- Products (list, search, create, update, delete)
- Orders (view, cancel, fulfill)
- Customers (list, create, update)
- Inventory (check levels, adjust quantities)
- Discounts (create codes, manage promotions)
- Any other Shopify store operations
## Critical Operations Requiring Permission
IMPORTANT: Before executing any of the following operations, you MUST ask for explicit user permission:
- Refunds: Create refunds (permanent financial transactions)
- Order Cancellations: Cancel orders (may trigger refunds)
- Gift Card Deactivation: Permanently disable gift cards
- Inventory Adjustments: Modify stock levels
- Product Deletions: Permanently remove products
- Discount Activations: Change pricing for customers
Always show what will be changed and wait for user confirmation.
## How to Use
1. Use the `shopify_graphql` tool to execute queries
2. Check for `errors` (GraphQL issues) and `userErrors` (validation issues)
3. Use pagination with `first`/`after` for large result sets
4. Format all IDs as: `gid://shopify/Resource/123`
## Available References
For detailed patterns and examples, refer to the reference documents:
- products.md - Products and variants management
- orders.md - Order operations
- customers.md - Customer management
- inventory.md - Inventory and locations
- discounts.md - Discount codes and promotions
- collections.md - Product collections
- fulfillments.md - Order fulfillment and shipping
- refunds.md - Process refunds
- draft-orders.md - Draft order creation
- gift-cards.md - Gift card management
- webhooks.md - Event subscriptions
- locations.md - Store locations
- marketing.md - Marketing activities
- markets.md - Multi-market setup
- menus.md - Navigation menus
- metafields.md - Custom data fields
- pages.md - Store pages
- blogs.md - Blog management
- files.md - File uploads
- shipping.md - Shipping configuration
- shop.md - Store information
- subscriptions.md - Subscription management
- translations.md - Content translations
- segments.md - Customer segments
- bulk-operations.md - Bulk data operations
## Quick Examples
### List Recent Orders
```graphql
query {
orders(first: 10, sortKey: CREATED_AT, reverse: true) {
nodes {
id
name
totalPriceSet {
shopMoney { amount currencyCode }
}
customer { displayName }
}
}
}
```
### Search Products
```graphql
query {
products(first: 10, query: "title:*shirt* AND status:ACTIVE") {
nodes {
id
title
status
}
}
}
```
### Check Inventory
```graphql
query GetInventory($id: ID!) {
inventoryItem(id: $id) {
id
inventoryLevels(first: 5) {
nodes {
quantities(names: ["available"]) {
name
quantity
}
location { name }
}
}
}
}
```
## Error Handling
Always check responses:
- `errors` array = GraphQL syntax issues
- `userErrors` in mutations = validation problems
## Best Practices
1. Request only needed fields to optimize response size
2. Use pagination for lists that may grow
3. Check userErrors in all mutation responses
4. Ask permission before dangerous operations
5. Format results clearly for the user
6. Use bulk operations for large data exports/imports
7. Handle rate limits with exponential backoff