Skip to main content

TiendaNube Commerce Bridge

Facilitates integration with Tienda Nube for e-commerce, enabling OAuth, product catalog synchronization, and order management.

Install this skill

or
40/100

Security score

The TiendaNube Commerce Bridge skill was audited on May 31, 2026 and we found 28 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 50

Template literal with variable interpolation in command context

SourceSKILL.md
50const redirectUri = `${window.location.origin}/auth/callback`;
medium line 98

Template literal with variable interpolation in command context

SourceSKILL.md
98redirect_uri: `${window.location.origin}/auth/callback`
medium line 305

Template literal with variable interpolation in command context

SourceSKILL.md
305```python
medium line 494

Webhook reference - potential data exfiltration

SourceSKILL.md
494## 8. Webhooks (Opcional)
medium line 496

Webhook reference - potential data exfiltration

SourceSKILL.md
496### Configurar Webhook
low line 498

Webhook reference - potential data exfiltration

SourceSKILL.md
498async def setup_tiendanube_webhook(
low line 503

Webhook reference - potential data exfiltration

SourceSKILL.md
503Registra webhook para recibir eventos de TiendaNube
low line 517

Webhook reference - potential data exfiltration

SourceSKILL.md
517# URL del webhook
low line 518

Webhook reference - potential data exfiltration

SourceSKILL.md
518webhook_url = f"{BASE_URL}/webhooks/tiendanube/{tenant_id}"
low line 520

Webhook reference - potential data exfiltration

SourceSKILL.md
520# Crear webhook
low line 522

Webhook reference - potential data exfiltration

SourceSKILL.md
522f"https://api.tiendanube.com/v1/{user_id}/webhooks",
low line 525

Webhook reference - potential data exfiltration

SourceSKILL.md
525"url": webhook_url,
medium line 533

Webhook reference - potential data exfiltration

SourceSKILL.md
533### Recibir Webhook
low line 535

Webhook reference - potential data exfiltration

SourceSKILL.md
535@router.post("/webhooks/tiendanube/{tenant_id}")
low line 536

Webhook reference - potential data exfiltration

SourceSKILL.md
536async def handle_tiendanube_webhook(
low line 49

Access to .env file

SourceSKILL.md
49const clientId = import.meta.env.VITE_TIENDANUBE_CLIENT_ID;
medium line 679

Access to .env file

SourceSKILL.md
679- [ ] TIENDANUBE_CLIENT_ID en .env
medium line 680

Access to .env file

SourceSKILL.md
680- [ ] TIENDANUBE_CLIENT_SECRET en .env
low line 37

External URL reference

SourceSKILL.md
37Redirect URI: https://yourdomain.com/auth/callback
low line 52

External URL reference

SourceSKILL.md
52const authUrl = new URL('https://www.tiendanube.com/apps/authorize/token');
low line 147

External URL reference

SourceSKILL.md
147"https://www.tiendanube.com/apps/authorize/token",
low line 229

External URL reference

SourceSKILL.md
229f"https://api.tiendanube.com/v1/{user_id}/products",
low line 343

External URL reference

SourceSKILL.md
343f"https://api.tiendanube.com/v1/{user_id}/products",
low line 402

External URL reference

SourceSKILL.md
402f"https://api.tiendanube.com/v1/{user_id}/orders",
low line 471

External URL reference

SourceSKILL.md
471f"https://api.tiendanube.com/v1/{user_id}/products",
low line 522

External URL reference

SourceSKILL.md
522f"https://api.tiendanube.com/v1/{user_id}/webhooks",
low line 580

External URL reference

SourceSKILL.md
580f"https://api.tiendanube.com/v1/{user_id}/store",
low line 686

External URL reference

SourceSKILL.md
686**Tip**: Para debugging, usar TiendaNube API Explorer: https://tiendanube.github.io/api-documentation/
Scanned on May 31, 2026
View Security Dashboard
Installation guide →
Rate this skill
Categorymarketing
UpdatedJune 15, 2026
openclawapifrontendbackendproduct-marketergrowth-marketerbackend-developerfrontend-developermarketingdevelopment
adriangmrraa/clinicforge