Amazon Fba Calculator

Security checks across malware telemetry and agentic risk

Overview

This is a local Amazon FBA fee calculator with no hidden access, but its financial estimates need user verification.

Before relying on this skill for pricing or inventory decisions, verify current Amazon FBA rates and remember that removal/disposal fees are not included in the default totals or displayed report. The reviewed artifacts do not show credential use, network access, persistence, or account-changing behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: This is a real integrity flaw in the calculator: the code computes and stores a removal fee in the fee model, but excludes it from total fee and profit calculations. Users relying on the output for pricing, liquidation, or inventory decisions can be systematically misled into overstating profitability or understating exit costs.

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: This is a true vulnerability in the sense of misleading business-output integrity: the skill advertises a complete fee breakdown, models removal/disposal fees, but omits them from the rendered report. In a financial-calculation skill, hidden or omitted cost components can cause users to make bad operational decisions because they assume the report is comprehensive.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal