Amazon SEO

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Amazon listing optimization skill, with no code, credentials, persistence, or hidden account actions.

Safe to install for Amazon SEO drafting and audits. Users should review all generated listing copy before use, confirm multilingual backend terms are relevant to the product and target shoppers, follow Amazon policy, and avoid sharing seller credentials unless using a separate trusted integration.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 78% confidence
Finding: The skill states that US listings should default to Spanish keyword coverage, which can cause the agent to add language-specific terms without explicit user approval or evidence that the product targets Spanish-speaking shoppers. While not a direct security exploit, it can lead to unauthorized content changes, poor localization choices, and potential compliance or brand-quality issues in automated workflows.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal