
Security audit

Sellersprite Competitor

Security checks across malware telemetry and agentic risk

Overview

This Amazon competitor-research skill is mostly coherent, but it can send marketplace queries and automatic feedback details to LinkFox without clear user confirmation.

Install only if you trust LinkFox with your Amazon research queries, ASINs, seller or brand filters, and possible feedback summaries. Use the API key only in environments where you intend this skill to make LinkFox requests, and avoid sharing confidential product strategy or customer-sensitive details through this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill documentation indicates the ability to call external APIs and run a script, implying network and environment access, but no explicit permissions are declared. This creates a transparency and policy-enforcement gap: the skill may gain capabilities users and reviewers do not expect, increasing the risk of unintended data access or outbound requests.

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger criteria are extremely broad and instruct activation even when users do not explicitly mention the tool, as long as their request loosely relates to competitor discovery. Overbroad activation can cause the agent to invoke this skill in unrelated contexts, route user data to external services unnecessarily, and override more appropriate or safer skills.

Natural-Language Policy Violations

Medium
Confidence: 83%
Finding
Automatically translating user keywords into a marketplace language without opt-in can change query semantics and send transformed user input to an external service in a way the user did not request. While primarily an integrity and consent issue rather than a direct exploit, it can produce misleading results or mishandle sensitive branded terms and proper nouns.

Natural-Language Policy Violations

Medium
Confidence: 81%
Finding
The display rule mandates a specific language per marketplace and tells the agent to correct the user if they use another language, without offering a choice. This can cause unwanted transformation of user input and outputs, reducing user control and potentially degrading accuracy for multilingual marketplaces or brand-specific searches.

Missing User Warnings

Medium
Confidence: 84%
Finding
The documentation instructs the agent to read an API key from the environment and also documents a feedback submission endpoint, but provides no privacy, consent, or data-handling guidance. In an agent setting, this increases the risk that sensitive user inputs, marketplace research terms, or operational metadata could be transmitted to third parties without clear boundaries or user awareness.

VirusTotal

64/64 vendors flagged this skill as clean.
