Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
amazon-sorftime-research-reviews-skill
v1.0.0对亚马逊商品评论进行深度分析,自动识别产品痛点、分析退货原因,生成改进建议和客服回复模板。Invoke when user uses /review-analysis command with a product ASIN.
⭐ 0· 54·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to call Sorftime APIs to fetch product and review SSEs and to produce analysis reports — the curl calls to mcp.sorftime.com and the described parsing/analysis steps are coherent with that purpose. However, the SKILL.md expects a Sorftime API key stored in a local file (.mcp.json) even though the skill metadata declares no required credentials/env vars; that mismatch is noteworthy.
Instruction Scope
Runtime instructions explicitly tell the agent to Read("D:/amazon-mcp/.mcp.json") and to create/write files under D:/amazon-mcp/reports/... and to copy arbitrary temp files (cp /path/to/temp/file.txt). The skill thus instructs reading a local secrets/config file and arbitrary filesystem paths. The instructions reference tools (Read/Write/Bash/curl) that will read/write disk and make network calls; reading .mcp.json (not declared) and copying from unspecified temp paths expands scope beyond a purely text-analysis description and could lead to accidental exposure of other local secrets or files.
Install Mechanism
No install spec and no code files are present — the skill is instruction-only. This lowers risk because nothing arbitrary is downloaded or installed by the skill itself.
Credentials
Although the functionality legitimately requires a Sorftime API key, the skill metadata lists no required env vars or primary credential; instead the SKILL.md expects the agent to read an on-disk file (.mcp.json) at a hard-coded path to obtain the key. That is a mismatch between declared requirements and runtime behavior. The skill does not request unrelated credentials, but the implicit file-read of a local JSON file is effectively a secret access request that should be explicitly declared.
Persistence & Privilege
always:false and no special privileges are requested. The skill writes report files to a project directory it creates but does not request permanent platform-level persistence or modify other skills' configs.
What to consider before installing
What to consider before installing:
- The skill will read a local configuration file (D:/amazon-mcp/.mcp.json) to obtain a Sorftime API key, but the skill manifest does not declare that credential — verify what .mcp.json contains before allowing the skill to access it. If that file holds other secrets, do not grant access.
- The instructions create and write files under D:/amazon-mcp/reports/... and may copy from unspecified temp paths. Make sure you are comfortable with the agent reading/writing those locations and that no sensitive data will be exposed.
- The skill makes network requests to https://mcp.sorftime.com with the API key in the URL; confirm you trust that endpoint and that sending the key as a query parameter is acceptable for your security posture.
- Because the skill is from an unknown source and uses hard-coded Windows paths, ask the author for a version that declares the required credential (e.g., requires.env or primary credential) and that accepts a configurable path or environment variable instead of a hard-coded path.
- If you decide to try it, run it in a sandbox or with a dedicated Sorftime API key that has minimal privileges, and inspect .mcp.json to ensure it contains only the expected Sorftime credential.Like a lobster shell, security has layers — review code before you run it.
latestvk979pxv3175yg35b6nn7c753bh83h26q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.