ClawHub

Amazon Market Entry Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Amazon market research skill that calls APIClaw with user-provided product/category inputs; it has some disclosure gaps around credential fallback and extra related CLI commands, but no hidden exfiltration, destructive behavior, or persistence was found.

Install only if you are comfortable sending Amazon research inputs such as product keywords, category paths, and ASINs to APIClaw and consuming API credits. Prefer setting APICLAW_API_KEY in the environment, avoid shared local config files for API keys, and use explicit prompts for broad analyses that may make many API calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill metadata declares only an environment variable requirement, while the skill behavior implies additional capabilities including file reads and network access. This weakens the trust boundary for users and hosts because the skill can perform more privileged actions than its manifest clearly communicates, increasing the chance of unintended data access or outbound transmission.

Tp4

High
Category
MCP Tool Poisoning
Confidence
96% confidence
Finding
The skill is presented as a narrow market-entry analyzer, but the underlying script reportedly exposes a much broader CLI surface, including unrelated research modes, monitoring, audits, self-checks, direct lookup utilities, and reading API keys from config files. This mismatch is dangerous because it can cause the agent or user to invoke functionality outside the expected scope, leading to excessive network activity, unintended data collection, or access to local secrets not covered by the advertised behavior.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal