Back to skill

Security audit

clawec-amazon-keyword-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ClawEC Amazon keyword research helper that uses a single service API key for purpose-aligned requests, with no evidence of hidden collection, persistence, or destructive behavior.

Install this only if you intend to use ClawEC for Amazon keyword research. Use a ClawEC API key with appropriate account limits, be aware that submitted keywords and result lookups go to clawec.com, and expect the skill to consume any ClawEC credits or quota associated with that API key.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill instructs use of environment variables and shell commands to access an external API, but the skill metadata does not declare corresponding permissions. That creates a permission-model mismatch: an agent may invoke shell or read secrets without transparent capability disclosure, which weakens reviewability and can enable unintended secret access or command execution paths.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The description uses broad trigger phrases such as keyword search, keyword analysis, and keyword mining, which can cause the skill to activate for generic user requests beyond the intended ClawEC/Amazon context. Over-broad activation increases the chance the agent routes unrelated requests into a skill that requests API credentials and performs external calls, creating unnecessary data exposure and user confusion.

Natural-Language Policy Violations

Medium
Confidence
75% confidence
Finding
The skill is written entirely in Chinese and implies Chinese-language interaction without checking the user's language preference. This is mainly a safety and usability issue: users may misunderstand consent, credential requests, or output content, which can lead to accidental disclosure or misuse of results.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.