Amazon
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill matches its Amazon-shopping purpose, but it can control a logged-in Amazon account to buy items or process returns with little or no user confirmation.
Only install this if you are comfortable with an agent controlling a logged-in Amazon account. Before use, change the workflow to require your explicit confirmation for every order and return, avoid password-manager access by the agent, use a dedicated Chrome profile, and log out or remove the profile when finished.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could place an unwanted reorder or submit/confirm a return before the user has reviewed price, item, refund, condition answers, address, or payment details.
The skill directs the agent to use browser automation to complete financial/account-changing Amazon actions without per-action user approval for reorders and returns.
Reorders: "**Place order without confirmation** — no screenshot needed"; Returns: "Do NOT narrate each step — just execute the whole return silently" and "Confirm return"
Require explicit user confirmation immediately before every checkout and every return submission, including item, total price, address, payment method, refund amount, return answers, and drop-off details.

Anyone or anything controlling that browser automation environment may be able to access order history, addresses, payment choices, purchases, and returns on the user's Amazon account.
The instructions grant the agent access to Amazon credentials or an authenticated Amazon session, and that session is persisted in a local browser profile.
"Logged into Amazon — if logged out, retrieve password from your password manager"; "Browser profile persists login at `$HOME/.config/chrome-agent`"
Do not let the agent retrieve passwords from a password manager. Prefer user-mediated login, a dedicated browser profile, explicit checkout approvals, and cleanup or logout after use.

The safety of the automation depends on the user's local agent-browser tool and Chrome debugging setup, which can control the browser session.
The skill relies on an external browser-control CLI and CDP setup, while the provided install metadata contains no install spec or required binary declaration.
"Requires agent-browser CLI with Chrome DevTools Protocol (CDP). Chrome must be running with --remote-debugging-port."
Use only a trusted, reviewed version of agent-browser, keep Chrome debugging limited to a dedicated profile, and declare the required binary/setup in metadata.
