Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
amazon-sorftime-research-keywords-skill
v1.0.0亚马逊关键词深度调研与智能分类分析。基于 Sorftime MCP 数据采集 2000+ 关键词,通过 LLM Agent 按 8 维度智能分类(否定词、品牌词、材质词、场景词、属性词、功能词、核心词、其他),生成 Markdown 报告、CSV 词库和 HTML 仪表板。触发方式:/keyword-resear...
⭐ 0· 58·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to collect data from Sorftime MCP and run LLM-based classification, and the code and SKILL.md show calls to mcp.sorftime.com — that is coherent. However, the package does not declare any required environment variables or config paths even though the README and SKILL.md reference an API key and automatic reading from a local `.mcp.json`. Not declaring this credential/config is inconsistent and unexpected.
Instruction Scope
Runtime instructions direct the agent to run local Python scripts which call Sorftime endpoints and invoke an LLM for classification; that is within the skill's stated purpose. But instructions and README indicate automatic reading of a local `.mcp.json` and include curl examples embedding {API_KEY} in the URL — the SKILL metadata did not declare needing this config or key. The agent will run code that reads local files and performs network calls; the SKILL.md doesn't explicitly surface those file reads or where secrets come from.
Install Mechanism
There is no install spec (instruction-only), which reduces supply-chain risk. However, the skill bundle includes multiple non-trivial scripts (keyword_collector.py, workflow.py, SSE parsing, report generation) that will be written to disk as part of the skill package and executed. That's expected for a code-backed skill but worth noting because execution will happen locally.
Credentials
The skill requires access to Sorftime MCP (an API key) according to README and SKILL.md, but the registry metadata lists no required env vars or config paths. This is a clear discrepancy: the skill will need a credential (.mcp.json or API_KEY) but did not declare it. Additionally, SKILL.md demonstrates putting the API key in the URL query string (curl ...?key={API_KEY}), which risks leaking the key in logs. No other unrelated credentials are requested in the visible files.
Persistence & Privilege
The skill is not marked always:true and does not request elevated or permanent platform privileges. Scripts are self-contained and generate local report files; there is no evidence in the shown files that the skill modifies other skills or global agent settings.
What to consider before installing
This package largely does what it claims (collect Sorftime data, run LLM classification, produce CSV/MD/HTML reports), but there are a few red flags to resolve before trusting it: 1) The code and README expect a Sorftime API key (and mention `.mcp.json`), yet the skill metadata does not declare any required env vars or config path — verify where the code reads the key (inspect workflow.py and keyword_collector.py) and how you'll supply it. 2) Example curl calls put the API key in the URL query string — consider changing to an Authorization header to avoid accidental leakage in logs. 3) The skill bundle contains executable scripts; review the omitted files (especially workflow.py and keyword_collector.py) for any unexpected network endpoints or file reads before running. 4) The skill source/homepage is missing; prefer skills with verifiable provenance. Suggested actions: inspect workflow.py to confirm .mcp.json handling, run initial tests in a sandboxed environment, provide the Sorftime key only via a secure config file or env var you control, and ensure logs do not expose the key. If you cannot inspect the remaining files, treat this skill as untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk972ar1etv497cmyyjtc85q1y183hxt5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.