Amazon Keyword Reverse Lookup
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is mostly a keyword-research prompt, but it requests broad Bash access that is not explained or needed for the stated task.
Before installing, consider whether this skill really needs Bash access. Prefer using it without shell permissions or inside a sandbox, treat keyword and CPC results as estimates, and be mindful that saved research may persist in the workspace.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the agent could have a powerful local command tool available for a task that should not normally need it.
This grants the skill access to a general local shell, but the documented workflow is keyword research and listing text analysis with no visible shell command use case or boundaries.
allowed-tools: Bash
Remove Bash access, or document a narrow, user-approved command workflow and run the skill only in a sandboxed environment.
Users may over-trust keyword, traffic, or CPC outputs as factual market data when they may be estimates.
The skill markets itself as finding traffic-driving keywords, but the visible method is manual inference from listing text and estimated CPC tiers rather than a verified Amazon traffic data source.
Find all keywords driving traffic to any ASIN ... Reverse Lookup Logic (Manual ASIN Analysis) ... Extract all words from title, bullets, description
Treat outputs as advisory estimates unless the user provides verified data, and clearly disclose data-source limitations.
Business keyword research may remain in the workspace after the session depending on platform behavior.
The skill documents a user-directed persistence action for saving product keyword research, but does not describe retention, deletion, or later reuse boundaries.
keyword save <product> # save keyword research to workspace
Only save non-sensitive research unless you understand where workspace data is stored and how to delete it.