ClawHub

Amazon Search Optimization

v1.0.0

Optimize product visibility in Amazon search results. Analyze current search ranking factors, identify optimization gaps, and provide actionable improvements...

1· 89·0 current·0 all-time
bynexscope-ai@nexscope
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, and listed capabilities (title/bullet optimization, index verification, action plans) align with an SEO/marketplace-optimization skill. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to collect product/context from the user, ask one multi-choice follow-up, and 'research and analyze' using provided frameworks. It does not instruct reading local files, environment variables, or external credentials. The phrase 'research and analyze' is slightly ambiguous and could lead an agent to perform web requests or use external APIs, but that behavior is consistent with the stated purpose (gathering market/search data).
Install Mechanism
There is no install spec in the registry metadata and no code files. SKILL.md includes an example npx command to add a package (nexscope-ai/eCommerce-Skills), which is a user-facing suggestion rather than an automated install. This minor inconsistency is not a direct security risk but you should verify the npm package source before running the command.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to the described functionality (analysis and recommendations) which do not inherently require secrets or account-level access.
Persistence & Privilege
Skill flags are default: always:false and model invocation enabled. It does not request permanent presence or system-level modifications. Autonomous invocation is allowed by default and is not, on its own, a security problem here.
Assessment
This skill is instruction-only and does not ask for credentials or install code by itself, so it appears coherent with its purpose. Before installing or running the suggested npx package, verify the nexscope-ai publisher (GitHub/npm) to ensure you trust the source. Be cautious about sharing sensitive account credentials (Amazon Seller Central, Shopify, etc.) — the skill does not need them to give general optimization advice. If you plan to let the agent perform live research (web/API calls), decide whether you want it to access your private account data and review any external package code before executing it.

Like a lobster shell, security has layers — review code before you run it.

latestvk9734sbwnbj9qgs05byyfstc0583kmp2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments