Dataify Google Shopping Keywords

Security checks across malware telemetry and agentic risk

Overview

The skill appears to create Dataify Google Shopping scraping tasks, but its trigger text includes unrelated Instagram requests and its token handling can expose an API token locally.

Review before installing. Use it only for Dataify Google Shopping keyword collection, avoid invoking it for Instagram tasks, and prefer providing the Dataify token through a protected environment variable rather than a command-line --token argument.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The manifest description includes unrelated Instagram Reel scraping use cases even though the implementation is for Google Shopping keywords. This mismatch can cause the skill to be triggered for unrelated requests, leading to confused-deputy behavior where users or orchestrators invoke the wrong scraper and potentially send data to an external API under false expectations.

Vague Triggers

Medium
Confidence: 90%
Finding
The activation text is overly broad and contains unrelated Instagram Reel trigger phrases, which can cause accidental or adversarial invocation outside the intended Google Shopping context. In a skill that performs network scraping and handles API tokens, ambiguous routing increases the risk of unintended data collection, external requests, and user confusion about what system is being queried.

VirusTotal

66/66 vendors flagged this skill as clean.
