Amazon Review Intelligence Extractor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed APIClaw Amazon research skill that uses an API key to fetch review, product, competitor, pricing, and market data.

Install only if you are comfortable giving the skill an APIClaw API key and sending Amazon ASINs, keywords, category paths, competitor lists, and business research context to APIClaw. Use a limited or low-risk API key if available, monitor credit usage, and treat the market-entry wording in the reference file as a documentation inconsistency rather than a separate hidden capability.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill requires an API key and references an executable script that can read files and make network requests, but the manifest does not explicitly declare permissions/capabilities for env, file access, or network use. This reduces transparency and weakens policy enforcement because a user or platform may authorize the skill without understanding that it can access secrets and communicate externally.

High
Category: MCP Tool Poisoning
Confidence: 84%
Finding
The skill is presented as a narrow review-intelligence tool, but the described behavior indicates substantially broader product research, market analysis, monitoring, listing audit, pricing, and connectivity-test functionality. This mismatch can lead users and security controls to approve the skill under a narrower trust assumption while it performs wider data collection and external interactions than expected.

Description-Behavior Mismatch

High
Confidence: 98%
Finding
The reference file is for a different skill ('Market Entry Analyzer') than the declared Amazon review intelligence extractor, which indicates capability/behavior drift between the manifest and implementation guidance. This mismatch can cause the agent to invoke unrelated endpoints, process unintended data domains, and produce outputs outside the user-approved scope, undermining trust and security review boundaries.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The file asserts use of all 11 API endpoints, many of which are market, pricing, brand, and product-history endpoints that exceed the stated review-intelligence use case. Overstating or broadening endpoint usage expands the skill's effective permissions and data access surface, making it easier for the agent to collect or infer unnecessary competitive and commercial data.

VirusTotal

66/66 vendors flagged this skill as clean.