Back to skill

Security audit

Ebay Review Checker

Security checks across malware telemetry and agentic risk

Overview

The skill appears to run local review analysis, but it is advertised as an eBay fraud checker while the implementation is largely Amazon-oriented and overstates what it can detect.

Review this before installing if you need reliable eBay fraud or seller trust analysis. It looks more like an Amazon-style review analyzer packaged as an eBay checker, so do not rely on its scores for eBay decisions without manual verification. Avoid opening generated HTML reports from untrusted review text until the report escapes content and avoids unpinned third-party JavaScript.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The file header and implementation explicitly describe an Amazon review analyzer, while the skill metadata claims eBay review and feedback analysis. This mismatch can mislead users into trusting results for a platform with different data structures, fraud signals, and abuse patterns, causing incorrect security or trust decisions.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The analyzer operates on Amazon-style product review attributes such as verified purchase, star ratings, and ASIN-oriented reporting, but the skill promises eBay-specific seller feedback authenticity analysis and buyer manipulation detection. In practice this creates a deceptive capability gap: users may rely on outputs that do not analyze the claimed threat model at all.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The code tells users that adding reviewer info will unlock account profile analysis, but no such analysis is implemented anywhere in the file. This is dangerous because it overstates investigative coverage and may cause operators to believe account-level abuse checks were performed when they were not.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.