Skill v0.1.3

ClawScan security

Amazon Product Api Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 17, 2026, 10:56 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and required environment variable are consistent with its stated purpose (calling the BrowserAct Amazon product workflow); it asks only for a BrowserAct API key and Python, and does not perform unrelated or hidden actions.
Guidance
This skill appears to do what it claims: it sends your search parameters to BrowserAct and fetches results via their workflow API. Before installing: (1) Only provide a BrowserAct API key you trust—treat it like a secret. (2) Be aware that running the script causes network requests to BrowserAct (and through them to Amazon), so consider data-sensitivity and company policy. (3) Confirm BrowserAct (https://www.browseract.com) and the TEMPLATE_ID meet your compliance needs and that use of scraped product data complies with Amazon's terms. (4) Run first tests in an isolated environment if you want to observe behavior and network traffic before broad use.

Review Dimensions

Purpose & Capability
ok: The skill claims to extract Amazon product listings and the included script calls BrowserAct's workflow API (https://api.browseract.com/v2/workflow) using a TEMPLATE_ID. Requiring Python and a BROWSERACT_API_KEY is proportionate and expected for this purpose.
Instruction Scope
ok: SKILL.md instructs the agent to run the bundled Python script, monitor logs, handle one retry on non-auth errors, and prompt the user for the BrowserAct API key if missing. The instructions do not request unrelated files or system credentials, and do not exfiltrate data to unexpected endpoints.
Install Mechanism
ok: No install spec is present (instruction-only plus a small script). The skill requires an existing Python binary only, which is low risk and consistent with the provided script.
Credentials
ok: Only a single environment variable (BROWSERACT_API_KEY) is required and the script uses it directly for API Authorization. No other secrets, config paths, or unrelated credentials are requested or referenced.
Persistence & Privilege
ok: The skill is not always-enabled, does not modify other skills or system configuration, and does not request persistent elevated privileges.