Ebay Price Check

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a narrow eBay price lookup tool, with some reliability and disclosure issues but no evidence of hidden access, persistence, credential use, or malicious behavior.

Install only if you are comfortable sending item search terms to eBay. Expect possible setup and accuracy issues: the wrapper path looks incorrect, the Python script has a decode bug, and the tool appears to scrape public eBay pages rather than use an official API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Output Handling: Unvalidated Output Injection, Cross-Context Output, Unbounded Output
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
    url = f"https://www.ebay.com/sch/i.html?_nkw={quote(query)}&_fsiv=1&_sop=15&_ufl=15"

    try:
        result = subprocess.run(
            ["curl", "-s", "-L", url],
            capture_output=True,
            text=True,
Confidence
70% confidence
Finding
result = subprocess.run( ["curl", "-s", "-L", url], capture_output=True, text=True, timeout=30 )

Intent-Code Divergence

Low
Confidence
90% confidence
Finding
The docstring at L13 describes a straightforward eBay search, implying the function returns fetched page content. But `subprocess.run(..., text=True)` makes `result.stdout` a string, and L25 calls `.decode(...)` on that string, which raises an exception and causes the function to return an error string instead of HTML. This is a direct contradiction between documented behavior and actual behavior.

Missing User Warnings

Low
Confidence
88% confidence
Finding
This Python code makes an external HTTP request to ebay.com using curl, which transmits the user-provided search query off-system. While the tool's name implies eBay lookups, the code itself provides no confirmation prompt, logging, or explicit user-facing notice at the point of execution about the outbound network access.

Unvalidated Output Injection

High
Category
Output Handling
Content
    url = f"https://www.ebay.com/sch/i.html?_nkw={quote(query)}&_fsiv=1&_sop=15&_ufl=15"

    try:
        result = subprocess.run(
            ["curl", "-s", "-L", url],
            capture_output=True,
            text=True,
Confidence
95% confidence
Finding
subprocess.run( ["curl", "-s", "-L", url], capture_output

VirusTotal

64/64 vendors flagged this skill as clean.