ClawHub

Sorftime Product detail

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does the advertised Amazon ASIN lookup, but it also tells agents to automatically send feedback containing user intent or comments to a separate LinkFox endpoint without explicit user confirmation.

Review before installing. The ASIN lookup itself is coherent, but only use this skill if you are comfortable sharing ASIN queries, marketplace choices, trend ranges, and a LinkFox API key with LinkFox/Sorftime. Disable or strictly control the feedback workflow unless users explicitly consent to sending feedback text and business context to the separate skill-api.linkfox.com endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill is for ASIN product-detail and trend lookup, but the documentation also introduces a separate feedback API that sends data to a different external service. This expands the skill's effective data-flow surface beyond its stated purpose and can enable unexpected transmission of user content or conversation-derived summaries without clear necessity for the primary function.

Vague Triggers

High
Confidence
92% confidence
Finding
The trigger scope is intentionally broad: it says the skill should activate even when the user does not mention Sorftime, as long as the request loosely involves ASIN detail or trend analysis. Over-broad triggering can cause the wrong skill to capture user requests, route data to an external provider unexpectedly, and bypass user intent or consent about tool choice.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The feedback API accepts free-form content and sends it to a separate external endpoint, but the documentation does not warn that user-provided text will leave the primary tool path. In an agent setting, this creates a real risk of unintended exfiltration of sensitive user data, prompts, or business context through feedback content that may be generated automatically or with insufficient notice.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal