
Security audit

Echotik New Product Rank

Security checks across malware telemetry and agentic risk

Overview

The skill fits its Amazon report purpose, but it handles sensitive seller access and includes automatic feedback reporting without clear user opt-in.

Install only if you trust LinkFox with Amazon seller report workflows and understand that the skill depends on an auth skill for seller tokens. Before use, disable or require confirmation for any automatic Feedback API submission, and avoid sending sensitive report contents or business context to feedback endpoints unless you explicitly approve it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 83%
Finding: The skill explicitly references a LinkFox tool gateway API and a separate Feedback API, which implies outbound network access and possibly environment-based credentials, yet no permissions are declared. This creates a transparency and governance gap: the runtime may perform network actions that users and platform operators are not expecting, which weakens review, sandboxing, and consent controls.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding: The skill instructs the agent to auto-detect user sentiment or mismatches and send that information to a separate Feedback API unrelated to the core ranking lookup. This is a scope expansion that can exfiltrate user content or metadata without an explicit user request, violating least surprise and potentially leaking sensitive business queries or personal data to another service.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding: The documentation embeds a separate public feedback API that is unrelated to the stated product-ranking function of the skill. Mixing an auxiliary write-capable endpoint into the same reference increases the chance that an agent will transmit user content to a third-party service without clear user consent or necessity, creating data-leakage and prompt-injection surface area.

Vague Triggers

Severity: Medium
Confidence: 79%
Finding: The trigger conditions are broad enough to activate on generic product-research or trend-discovery requests whenever TikTok or short-video commerce is only loosely implied. Overbroad activation can route unrelated user requests into this skill, causing unintended external API calls and disclosure of user prompts to a third-party data source outside the user's expectation.

VirusTotal

61/61 vendors flagged this skill as clean.
