Amazon Coupon Strategy
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is mostly Amazon promotion planning guidance, but it requests unrestricted Bash access that is not explained by its strategy-only purpose.
Review this skill before installing because its Amazon coupon and promotion advice appears purpose-aligned, but the Bash permission is unnecessarily broad. Prefer a version that removes shell access, and avoid providing more business-sensitive pricing, margin, inventory, or sales data than needed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed, the agent may have access to local shell commands in contexts where this skill is active, which is broader than needed for Amazon promotion planning.
The skill is described as a strategy and calculator-style advisor, but it grants Bash shell access without explaining why shell commands are needed or limiting what may be run.
description: "Amazon deals, coupons, and promotions strategy agent..."\nallowed-tools: Bash
Remove the Bash permission unless it is essential, or document a narrow, user-approved set of commands and avoid automatic shell use.