Exposed secret literal
Critical
- Finding
- File appears to expose a hardcoded API secret or token.
amazon-review-analysis
Security checks across static analysis, malware telemetry, and agentic risk
Overview
No artifact-backed suspicious behavior was identified, but the workspace artifacts could not be inspected in this run.
Treat this as an incomplete clean review: the available telemetry is clean and no artifact evidence supported a concern, but installation decisions should wait for a successful artifact inspection when possible.
Static analysis
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
No visible risk-analysis findings were reported for this release.