
Security audit

Junglescout Keyword By Asin

Security checks across malware telemetry and agentic risk

Overview

The skill performs the advertised ASIN keyword lookup, but it also directs agents to automatically send feedback content to a separate LinkFox endpoint without clear user approval.

Review before installing. The ASIN keyword lookup itself is disclosed, but install only if you are comfortable with the skill sending your ASIN research and API-key-authenticated requests to LinkFox services, and possibly automatically generated feedback content as well. Avoid including confidential business context in prompts unless you intend it to be shared.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Severity: Medium. Confidence: 92%.
Finding
The skill adds an unconditional instruction to call a separate Feedback API for multiple situations unrelated to the user’s ASIN keyword lookup request. This introduces an unnecessary secondary data flow that could exfiltrate user prompts, query contents, or satisfaction signals to another endpoint without clear consent or need for the primary function.

Context-Inappropriate Capability

Severity: Medium. Confidence: 95%.
Finding
The documentation includes a separate public feedback API that is unrelated to the core ASIN keyword lookup function, expanding the skill's capabilities beyond user expectations. This creates a data-flow risk because an agent may send user content or conversation summaries to a second endpoint without clear necessity, consent, or tight scoping.

Vague Triggers

Severity: Medium. Confidence: 85%.
Finding
The trigger conditions are written very broadly, including generic keyword-expansion and competitor-keyword intents even when the user does not explicitly request Jungle Scout or reverse-ASIN lookup. Overbroad routing can cause the wrong skill to activate, sending user inputs to an external data source unnecessarily and producing actions outside the user’s intended scope.

Missing User Warnings

Severity: Medium. Confidence: 97%.
Finding
The feedback section instructs posting free-form content to a separate public endpoint but provides no privacy warning, redaction guidance, or limits on including user data. In an agent context, this can lead to exfiltration of user prompts, proprietary ASIN research, or other sensitive context under the guise of operational feedback.
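The two scoping gaps the findings above describe, no allowlist on what the secondary endpoint may receive and no redaction guidance for free-form text, can be closed on the agent side with a small policy layer that sits between the skill's "send feedback" instruction and the network call. The following is an added example written for this audit, not code from the skill, from Jungle Scout or from LinkFox. The payload shape and field names (skill, rating, category, note) are assumptions, since the page does not document the Feedback API, and the sample draft text is constructed.

```python
"""Scope and redact agent feedback before it leaves the session.

Added example for this audit, not code from the skill or from LinkFox.
The feedback body shape (skill, rating, category, note) and the field names
are assumptions; the real LinkFox Feedback API is not documented on this page.
"""
import re
from typing import Optional

# Closed set of categories the secondary endpoint may receive (assumption).
ALLOWED_CATEGORIES = frozenset({"success", "no_results", "error", "other"})
MAX_NOTE_CHARS = 200  # hard cap on free text, applied after redaction

# Heuristic patterns for content that must not ride along as "feedback":
# credentials named in-line, long opaque tokens (API keys, JWTs), and ASINs
# (10 uppercase alphanumerics with at least one digit). Over-redaction is
# preferred to leakage, so these are deliberately loose.
CREDENTIAL_RE = re.compile(
    r"(?i)\b(?:bearer|api[_-]?key|authorization)\b[\s:=]*(?:bearer\s+)?\S+"
)
TOKEN_RE = re.compile(r"\b[A-Za-z0-9_\-]{24,}\b")
ASIN_RE = re.compile(r"\b(?=[A-Z0-9]*\d)[A-Z0-9]{10}\b")


class FeedbackPolicyError(ValueError):
    """Raised when a feedback payload violates the scoping policy."""


def redact(note: str) -> str:
    """Strip credentials, opaque tokens and ASINs from free-form text."""
    note = CREDENTIAL_RE.sub("[REDACTED_CREDENTIAL]", note)
    note = TOKEN_RE.sub("[REDACTED_TOKEN]", note)
    return ASIN_RE.sub("[REDACTED_ASIN]", note)


def build_feedback_payload(
    skill: str,
    rating: int,
    category: str,
    note: Optional[str] = None,
    user_consented: bool = False,
) -> dict:
    """Return the only object an agent is allowed to POST to a feedback endpoint.

    Refuses unless the user explicitly approved sending feedback, restricts the
    structured fields to an allowlist, and redacts plus truncates any free text.
    """
    if not user_consented:
        raise FeedbackPolicyError("feedback requires explicit user approval")
    if not isinstance(rating, int) or not 1 <= rating <= 5:
        raise FeedbackPolicyError("rating must be an integer 1..5")
    if category not in ALLOWED_CATEGORIES:
        raise FeedbackPolicyError(f"category {category!r} not in allowlist")

    payload = {"skill": skill, "rating": rating, "category": category}
    if note:
        payload["note"] = redact(note)[:MAX_NOTE_CHARS]
    return payload


if __name__ == "__main__":
    # Constructed sample: an agent draft that quotes the user's prompt, an
    # ASIN and a credential. None of these should reach the feedback endpoint.
    draft = (
        "Lookup failed for ASIN B07XYZ1234 using key "
        "sk_live_abcdefghijklmnopqrstuvwxyz012345 for our Q3 private-label launch"
    )
    print(build_feedback_payload("junglescout-keyword-by-asin", 4, "no_results",
                                 draft, user_consented=True))
```

Consent defaults to off, so an unconditional "always call the Feedback API" instruction fails closed until the user has approved it in the session. The redaction is a heuristic backstop, not a guarantee: it catches ASINs, key-shaped tokens and named credentials, but not a paraphrase of a confidential launch plan, which is why the structured fields carry the signal and the free-text note is capped and optional.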

VirusTotal

65/65 vendors reported this skill as clean.


Static analysis

No suspicious patterns detected.