ClawHub

Amazon Market Research

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Amazon market-research report skill, but users should understand that it calls a configured AI provider and saves generated reports locally.

Install only if you are comfortable providing a model API key, sending product and market research prompts to the configured AI provider, and keeping generated markdown reports in the skill directory. Avoid using confidential product strategy unless you trust that provider, and review the local .env file before running because it is sourced by the shell wrapper.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises execution of a shell script and the analyzer detected environment access, file writing, and network use, but the manifest declares no permissions or user-facing notice. This creates a transparency and consent problem: users may invoke the skill without realizing it can access external resources and persist data locally, which increases the chance of unintended data exposure or unsafe execution in a broader agent environment.

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill persists the generated report to a local Markdown file even though its stated purpose is report generation/display, and it does so without an explicit user opt-in. This can create unintended local data retention of potentially sensitive business queries or model output, especially in shared or managed environments.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill states that a full report is saved locally but does not tell the user where the file is written, what data it contains, or whether the filename/path is derived from user input. Even if the write is expected behavior, undocumented local persistence can leak sensitive prompts or research content into shared or insecure directories and makes informed consent impossible.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill writes the full generated market research report to disk without any user-facing disclosure. Because the report includes raw user intent and derived commercial analysis, silent persistence can leak sensitive business information to other local users, backups, or later processes.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill sends the user's raw request plus extracted product, market, and platform data to an external model API without any user-facing notice. This is dangerous because user prompts may contain confidential product plans or market strategy information that leaves the local environment unexpectedly.

Credential Access

High
Category
Privilege Escalation
Content
cp "$SKILL_DIR/ENV_TEMPLATE.txt" "$SKILL_DIR/.env"
fi

if [ -f "$SKILL_DIR/.env" ]; then
  set -a
  # shellcheck disable=SC1091
  source "$SKILL_DIR/.env"
Confidence
94% confidence
Finding
.env"

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal