Amazon Listing Optimization
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is coherent for Amazon listing optimization, with disclosed public Amazon page fetching and no credential, persistence, or destructive behavior shown.
This appears reasonable for building and optimizing Amazon listings. Before installing, verify the GitHub source used by the install command, and remember that competitor ASIN analysis sends product-page requests to Amazon and processes public listing content.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using competitor analysis will contact Amazon for the requested product page and use the returned listing content in the optimization workflow.
The helper performs an external HTTP request to Amazon product pages and parses the returned HTML. This is aligned with competitor listing analysis, but users should know ASIN lookups leave the local environment.
PAGE=$(curl -sL ... --max-time 15 "$URL" 2>/dev/null)
Use this helper only for ASINs you intend to analyze, and review the generated listing/audit output before relying on it.
Installing globally from an unpinned external repository means the installed content depends on that repository’s current state and trustworthiness.
The installation documentation points to a global GitHub-based install path, while the registry source is listed as unknown. This is a provenance consideration rather than evidence of malicious behavior.
npx skills add nexscope-ai/Amazon-Skills --skill amazon-listing-optimization -g
Verify the repository and prefer a trusted or pinned version before installing globally.