Back to skill

Security audit

Ecommerce Website Data

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform the advertised ecommerce lookup work, but it asks users to handle an API token unsafely and exposes business contact data without clear privacy or acceptable-use guardrails.

Install only if you are comfortable sending ecommerce searches, target domains, and contact-lookup requests to EcCompass. Use a dedicated revocable APEX_TOKEN, avoid pasting it into chat, prefer an environment variable or secure secret store over plaintext config, and treat returned emails and LinkedIn profiles as personal data subject to privacy, platform, and anti-spam rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (14)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares access to an environment secret (`APEX_TOKEN`) and relies on network access to a third-party API, but the metadata shown does not expose a clear permission declaration or user-facing consent boundary for those capabilities. That mismatch can cause users or orchestrators to underestimate what the skill can access and transmit, especially because requests include authenticated calls to an external service.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The README explicitly instructs users to paste their API token into an agent chat message for installation and configuration. Supplying secrets through conversational input is dangerous because chat content may be logged, retained, exposed to plugins/tools, or mishandled by the agent, causing credential leakage and unauthorized API use.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The README tells users to provide the API token directly in agent chat and does so without any warning about credential exposure. In the context of an agent skill, this is especially risky because prompts, transcripts, telemetry, and downstream tools may capture the token, turning a setup convenience into a secret-handling flaw.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough to match ordinary ecommerce, competitor, or contact-discovery requests, increasing the chance the skill is invoked when the user did not specifically request this external data provider. In this skill, that matters because invocation can lead to external transmission of search terms and retrieval of contact information from a third party.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill prominently advertises retrieval of verified LinkedIn profiles, business emails, and decision-maker contacts, but does not provide a clear privacy warning or acceptable-use boundary to the end user. This raises meaningful privacy and compliance risk because users may unknowingly use the skill for lead generation or outreach involving personal data.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The contacts command retrieves and prints personally identifiable information, including names, job titles, and email addresses, directly to stdout with no consent prompt, masking, or usage warning. In an agent skill context, this increases the chance of bulk harvesting, unintended disclosure into logs/transcripts, or use of the data for unsolicited outreach.

External Transmission

Medium
Category
Data Exfiltration
Content
Authentication: `APEX_TOKEN` header (NOT `Authorization` header).

```bash
curl -X POST https://api.eccompass.ai/public/api/v1/search \
  -H "APEX_TOKEN: $APEX_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
93% confidence
Finding
curl -X POST https://api.eccompass.ai/public/api/v1/search \ -H "APEX_TOKEN: $APEX_TOKEN" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Authentication: `APEX_TOKEN` header (NOT `Authorization` header).

```bash
curl -X POST https://api.eccompass.ai/public/api/v1/search \
  -H "APEX_TOKEN: $APEX_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
93% confidence
Finding
https://api.eccompass.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
### **2. Domain Analytics —** `GET https://api.eccompass.ai/public/api/v1/domain/{domain}`

Full URL: `https://api.eccompass.ai/public/api/v1/domain/{domain}` (GET)

```bash
curl -H "APEX_TOKEN: $APEX_TOKEN" https://api.eccompass.ai/public/api/v1/domain/ooni.com
Confidence
88% confidence
Finding
https://api.eccompass.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
Returns 100+ fields of complete analytics for a single domain.

### **3. Historical Data —** `GET https://api.eccompass.ai/public/api/v1/historical/{domain}`

```bash
curl -H "APEX_TOKEN: $APEX_TOKEN" https://api.eccompass.ai/public/api/v1/historical/ooni.com
Confidence
87% confidence
Finding
https://api.eccompass.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
Returns monthly GMV, UV, PV, and average price data from 2023 onwards. Use when the user asks for revenue trends, traffic history, or month-over-month performance.

### **4. Installed Apps —** `GET https://api.eccompass.ai/public/api/v1/installed-apps/{domain}`

```bash
curl -H "APEX_TOKEN: $APEX_TOKEN" https://api.eccompass.ai/public/api/v1/installed-apps/ooni.com
Confidence
89% confidence
Finding
https://api.eccompass.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
Returns the list of apps/plugins installed on a store with details: name, rating, install count, vendor info, pricing plans. Use when the user asks "what apps does X use" or "which plugins are installed".

### **5. LinkedIn Contacts —** `GET https://api.eccompass.ai/public/api/v1/contacts/{domain}`

```bash
curl -H "APEX_TOKEN: $APEX_TOKEN" https://api.eccompass.ai/public/api/v1/contacts/ooni.com
Confidence
96% confidence
Finding
https://api.eccompass.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
### **5. LinkedIn Contacts —** `GET https://api.eccompass.ai/public/api/v1/contacts/{domain}`

```bash
curl -H "APEX_TOKEN: $APEX_TOKEN" https://api.eccompass.ai/public/api/v1/contacts/ooni.com
```

Returns verified LinkedIn contacts for a domain's company: name, position, email, LinkedIn profile URL. Use for lead generation, decision-maker lookup, or outreach.
Confidence
95% confidence
Finding
https://api.eccompass.ai/

Session Persistence

Medium
Category
Rogue Agent
Content
> Install this skill: https://clawhub.ai/roger52027/ecommerce-website-data
> My APEX_TOKEN is: your_token_here

Get your free token at [eccompass.ai](https://eccompass.ai) → Dashboard → API Access → Create Token.

### Manual Install via OpenClaw CLI
Confidence
94% confidence
Finding
Create Token. ### Manual Install via OpenClaw CLI ```bash openclaw skills install roger52027/ecommerce-website-data ``` Then configure the token (choose one): **Option A — OpenClaw config** (persi

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.