Amazon Screenshot

Warn. Audited by ClawScan on May 13, 2026.

Overview

This skill performs the stated Amazon screenshot workflow, but it also uses stealth browser automation, persistent logged-in Chrome state, and a hard-coded email password that require careful review before installation.

Only install this in a trusted, isolated environment if you are comfortable with a persistent Amazon browser profile, automated anti-bot evasion, and email sending through a shared MOSS account. Rotate/remove the embedded SMTP password, use a dedicated non-personal browser profile, and require manual approval for verification pages and large batches.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with access to the skill package could potentially reuse or abuse the MOSS email account, and sent screenshots would come from that shared identity.

Why it was flagged

The SMTP account password is embedded directly in the shipped source rather than supplied through a declared secret or user-controlled credential.

Skill content
  user: 'moss@campsnail.com',
  pass: 'rDs70Bw...'

Recommendation

Remove the hard-coded password, rotate the exposed credential, use a secret store or per-user OAuth/app password, and declare the required credential in metadata.

What this means

Screenshots may reflect a logged-in Amazon account and saved address, and that browser state can be reused by later invocations of the skill.

Why it was flagged

The skill intentionally persists browser cookies and shipping-address state across runs, which can contain sensitive account/session data.

Skill content
  Persistent login state: uses a dedicated Profile directory (`chrome_profile/`) to save cookies and the shipping address

Recommendation

Use a dedicated low-privilege Amazon/browser profile, avoid saving personal addresses or payment/session data, document exactly what profile data is retained, and provide a clear way to clear it.

What this means

Automating Amazon with bot-detection evasion can trigger account, IP, or service restrictions and may violate site rules.

Why it was flagged

The skill explicitly advertises automatic handling of human-verification prompts and stealth changes intended to evade automation detection.

Skill content
  Supports automatic clicking through human-verification challenges ... Anti-scraping injection: automatically injects a Stealth script that patches navigator.webdriver and other automation-detection points

Recommendation

Remove stealth and verification-bypass behavior, require manual user handling for verification pages, and make browser automation limits explicit.

What this means

The skill needs permission to run local commands and inspect local X11 socket state.

Why it was flagged

The code executes a local Python command to detect the active X11 display. The command is fixed and purpose-aligned, but it is still shell execution.

Skill content
  const { execSync } = require('child_process');
  const display = execSync('python3 - <<EOF

Recommendation

Declare Python/X11 requirements, avoid shell execution if possible, and run the skill only in a trusted, isolated environment.

What this means

Installation or execution may rely on dependencies and binaries that are not fully declared in the registry metadata.

Why it was flagged

The skill ships package dependency declarations, including browser automation and stealth tooling, despite the registry saying there is no install spec.

Skill content
  "nodemailer": "^8.0.7",
  "playwright": "^1.59.1",
  "playwright-extra-plugin-stealth": "^0.0.1"

Recommendation

Add an explicit install spec, declare required binaries such as Chrome and Python, and keep dependency versions pinned and reviewed.

What this means

A large ASIN list could tie up the browser session, create many network requests, or increase the chance of Amazon/account rate limiting.

Why it was flagged

The implementation allows very large batches in one request, which can drive many browser visits and email attachment operations.

Skill content
  const BATCH_SIZE = 9999; // everything in one batch, no quantity limit

Recommendation

Add a practical batch limit, require confirmation for large jobs, and expose progress/cancellation controls.