Security audit

Sorftime Product detail

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed LinkFox/Sorftime integration for querying Amazon ASIN product data, with manageable privacy and cleanup considerations.

Install only if you are comfortable sending ASIN queries and your LinkFox API key to LinkFox/Sorftime. Use explicit marketplace codes for non-US data, avoid placing sensitive notes in queries, and delete any saved response files after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Severity: High
Confidence: 94%
Finding
The trigger definition is intentionally broad enough to activate on generic ASIN detail, trend, profit, or comparison requests even when the user did not ask for Sorftime specifically. This can cause inappropriate skill routing, leading the agent to use a specialized third-party data source and workflow without clear user intent, which increases the risk of scope hijacking and unintended external data access.

Vague Triggers

Severity: Medium
Confidence: 85%
Finding
The boundary language uses vague phrases such as 'product analysis' and 'competitor comparison' and then expands applicability if the request 'boils down to' ASIN detail checks. That ambiguity can cause over-triggering and make the agent select this skill for requests that should first be clarified or routed elsewhere.

Natural-Language Policy Violations

Severity: Medium
Confidence: 88%
Finding
Defaulting silently to the US marketplace applies a locale and data scope choice without user confirmation. If the user intended another marketplace, the agent may return misleading data, perform unintended queries, or make decisions based on the wrong regional catalog and pricing context.

Missing User Warnings

Severity: Low
Confidence: 91%
Finding
The documentation instructs the skill to send user-supplied ASIN/query data and an API key to third-party endpoints, but it does not explicitly warn users that their inputs will be transmitted off-platform. In an agent skill context, this is a real privacy/transparency issue because users may reasonably assume the request stays within the local toolchain unless external sharing is disclosed.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding
The tool is explicitly designed to persist full API responses to disk, and those responses may contain secrets, personal data, tokens, or proprietary content. Although this is described in the docstring, there is no meaningful user-facing warning, minimization, encryption, retention control, or permission hardening around the stored files, so sensitive data can be left behind on disk unintentionally.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.