Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Keyapi Amazon Ecommerce
v1.0.0
Explore and analyze Amazon e-commerce data at scale — product search, category browsing, product details, best sellers, deals, seller intelligence, influence...
by @lycici
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description map to contacting the KeyAPI MCP for Amazon ecommerce data and the only required credential is KEYAPI_TOKEN, which is proportionate. Minor inconsistencies exist: the run script's help/defaults reference other platforms (e.g., default platform 'tiktok' and image proxy host for 'echosell'), suggesting the runner is multi-platform boilerplate reused across skills rather than Amazon-specific code. This is odd but plausibly benign.
Instruction Scope
SKILL.md instructs the user to run npm install and node scripts/run.js which aligns with the included script. The runtime instructions and code only read/write files in the skill directory (a .env file and a .keyapi-cache directory) and only read KEYAPI_TOKEN and optional KEYAPI_SERVER_URL. The runner will prompt for and persist the token to .env if not set — this persistent storage of the token is expected but a privacy consideration.
Install Mechanism
No remote installer or arbitrary downloads are used. The package uses a single npm dependency (@modelcontextprotocol/sdk) declared in package.json; installing from npm is expected for a Node-based tool and is moderate but normal risk.
Credentials
Only KEYAPI_TOKEN (primary credential) and an optional KEYAPI_SERVER_URL are required. These are directly relevant to calling the KeyAPI MCP and are proportionate to the described functionality.
Persistence & Privilege
always:false (no forced inclusion). The script persists the KEYAPI_TOKEN into a .env file in the skill directory and writes cached responses to .keyapi-cache; it does not modify other skills or system-wide configuration. Persisting the token to disk is expected behavior but is a potential credential-leak risk if the skill directory is shared or checked into source control.
Assessment
This skill appears coherent with its stated purpose — it calls the KeyAPI MCP and only needs your KEYAPI_TOKEN and Node. Before installing, consider: 1) Only supply a KeyAPI token created for this use (avoid reusing highly privileged or long-lived credentials). 2) The runner will save the token in plain text to a .env file in the skill directory and will write cached API responses to .keyapi-cache; avoid placing the skill directory under source control or shared folders, or delete .env after use. 3) The code includes multi-platform boilerplate (references to tiktok/echosell images) — not harmful but worth noting as leftover code. 4) Inspect scripts/run.js locally and verify KEYAPI_SERVER_URL if you want to ensure calls go only to the expected endpoint (https://mcp.keyapi.ai). 5) Run npm install in an isolated environment (or review the @modelcontextprotocol/sdk package) if you are cautious about adding node dependencies. If any of these points are unacceptable, do not install or create a dedicated token you can revoke.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/run.js:52
Environment variable access combined with network send.
scripts/run.js:37
File read combined with network send (possible exfiltration).
Runtime requirements
🛒 Clawdis
Bins: node
Env: KEYAPI_TOKEN
Primary env: KEYAPI_TOKEN
