ClawHub

Amazon Alexa Qa

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its stated Amazon shopping Q&A purpose, but it includes guidance for stealth multi-session automation and understates that it actively submits prompts through a logged-in Amazon session.

Install only if you are comfortable letting an agent operate a logged-in Amazon browser session, submit questions to Amazon's assistant, and save the returned answers locally. Avoid using the stealth multi-session guidance, keep batches modest, respect Amazon's terms and rate limits, and review or delete saved output files if the questions or responses are sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill explicitly recommends opening multiple stealth browser sessions with independent fingerprints so that rate limits apply per session, which is guidance for scaling automation while evading anti-abuse controls. In the context of an Amazon shopping assistant, this goes beyond ordinary user automation and materially increases the risk of abusive scraping, policy evasion, and account or platform misuse.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The documentation claims the skill only reads data already displayed and is equivalent to copy-pasting, but the described workflow actively injects prompts and causes Amazon's AI assistant to generate new responses. This mismatch can mislead reviewers or operators about the true capability boundary and may cause unsafe approval of an agent that performs active site interaction rather than passive extraction.

Missing User Warnings

Low
Confidence
92% confidence
Finding
The skill instructs users to persist collected Alexa/Amazon response data to a local JSON file without any notice about retention, sensitivity, or safe handling. While the saved content is primarily shopping Q&A, it may still contain account-linked, contextual, or proprietary research data, so silent persistence increases the risk of unintended disclosure on shared systems or in downstream tooling.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal