Pangolinfo Amazon Scraper: Products + Keywords + Reviews + Categories

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Pangolinfo API helper for scraping public Amazon listing data, with credential-handling cautions but no evidence of hidden or malicious behavior.

Prefer PANGOLINFO_API_KEY over PANGOLINFO_EMAIL and PANGOLINFO_PASSWORD. Use the optional key caching only on a trusted machine, and keep page counts and broad scraping requests deliberate, because successful calls consume Pangolinfo credits and send your product research queries to Pangolinfo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding:
The skill advertises and instructs use of sensitive environment variables, shell execution, network access, and local script invocation, but does not declare corresponding permissions. This creates a transparency and trust problem: an agent or user may approve the skill assuming minimal privileges, while the documented workflow clearly enables credential handling and outbound requests to a third-party service.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The guide explicitly instructs users to place their email and password into environment variables as an authentication method, but provides no warning that these secrets may be exposed through shell history, process inspection, logs, CI environments, or inherited subprocesses. In a developer-tooling context, this normalizes weaker credential-handling practices and increases the chance that users expose primary account credentials instead of using a scoped API key.

VirusTotal

66/66 vendors flagged this skill as clean.
