Agentic Commerce skills enables agents to autonomously browse and search for quality lifestyle, wellness, and tech products and gifts, view details, create o...
Security Analysis
high confidenceThe skill is an instruction-only shopping/checkout integration that consistently documents public API endpoints and requires no credentials or installs; its requirements and instructions match the described purpose.
Name and description describe browsing, checkout, and multi-chain payments; the SKILL.md documents public REST endpoints, product IDs, checkout fields, and payment flows. No requested env vars or binaries are inconsistent with a public e-commerce integration.
Instructions stay within commerce scope (search, product detail, create order, poll status). They explicitly warn not to infer or send identity tokens unless runtime provides X-Moltbook-Identity and require explicit user confirmation before instructing a payment — good. Two operational notes: (1) the skill recommends polling /orders/{orderId}/status every 5s while awaiting payment (this could produce many requests if used at scale), and (2) checkout flow returns on-chain payment addresses and amounts — the agent must ensure explicit user confirmation before asking users to send crypto and should present QR codes/addresses clearly to avoid user mistakes.
Instruction-only skill with no install spec and no code files. Nothing is written to disk and there are no third-party downloads — lowest install risk.
The skill declares no required environment variables, credentials, or config paths. It does mention an optional runtime-supplied X-Moltbook-Identity header for agent-only endpoints but explicitly warns not to infer or send it otherwise; this is reasonable and proportionate for the documented capabilities.
always:false and normal agent invocation behavior. The skill does not request permanent platform-wide privileges or attempt to modify other skills/configs. No persistence/privilege concerns were found.
Guidance
This skill is internally consistent with a public e-commerce API: it needs no credentials or installs and documents how to browse, create orders, and accept crypto payments. Before installing or using it, consider the following practical points: (1) Verify you trust the merchant (forthecult.store) before sending cryptocurrency — crypto payments are irreversible and have limited consumer protections. (2) Ensure your agent asks for explicit human confirmation before telling a user to send funds and clearly displays the exact payment address, chain, token, and amount (or a QR code). (3) Be aware the skill recommends aggressive polling (every ~5s) while awaiting payment — that can hit rate limits; configure reasonable backoff if needed. (4) Do not expose private keys or wallet secrets to the agent; only provide a public wallet address if you want any on-chain discount applied. (5) Only allow the agent to send X-Moltbook-Identity headers if your runtime explicitly supplies them and you understand what that identity grants. If you want additional assurance, request provenance (who published the skill) or test sandbox endpoints before enabling production transactions.
Latest Release
v1.0.5
- Clarified that no API key or environment variables are needed; shopping and order status work without authentication. - Added stricter guidance: only send X-Moltbook-Identity for agent-specific endpoints (/agent/me, /agent/me/orders, /agent/me/preferences) and only if the agent runtime provides the token. - Emphasized that identity tokens must never be inferred, generated, or sent unless explicitly provided by the agent environment. - Improved compatibility and identity instructions to prevent accidental credential misuse. - Enhanced documentation for agent-only endpoint usage and routine flows.
More by @bythecult
Published by @bythecult on ClawHub
