Security audit

Sellersprite Traffic Keyword

Security checks across malware telemetry and agentic risk

Overview

The ASIN keyword lookup is mostly legitimate, but the skill also tells agents to quietly send broad feedback to a separate external LinkFox endpoint without clear user consent.

Review before installing. The lookup script itself is straightforward, but only use this skill if you are comfortable providing a LinkFox/SellerSprite API key and with its feedback instructions. Prefer disabling or removing the feedback section unless you explicitly want agents to submit feedback externally.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill documents use of environment secrets (`LINKFOXAGENT_API_KEY`) and outbound network access to a third-party endpoint, but no explicit permissions are declared. This creates a transparency and governance gap: the runtime may still allow secret and network use while reviewers and policy systems cannot accurately assess or constrain the skill's capabilities.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The file documents a public feedback submission API that is outside the stated purpose of this skill, which is ASIN traffic-keyword lookup. Adding an unrelated outbound capability increases the chance that an agent or integrator will transmit user-generated content to a separate external service without clear need, review, or consent.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The trigger logic is intentionally broad enough to activate for generic ASIN keyword-analysis requests even when the user did not ask for this specific provider. Over-broad triggering can cause unintended tool invocation, unnecessary data sharing to external services, and reduced user control over which integration handles their request.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The feedback example shows arbitrary textual content being sent to an external public endpoint, but the document provides no privacy warning, consent requirement, or limitation on what may be included. In an agent setting, this creates a realistic risk of sending user conversation content, sensitive business data, or identifiers off-platform without user awareness.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal