Security audit

Ali Product Detail Query (阿里商品详情查询)

Security checks across malware telemetry and agentic risk

Overview

This is a narrow Taobao/Tmall product lookup skill that sends a product ID to a disclosed EarlyData API and shows no hidden access, persistence, or destructive behavior.

Install only if you are comfortable sending Taobao/Tmall product IDs to EarlyData for lookup. The skill does not ask for account credentials or modify local data, but its output is an unnormalized third-party API response and depends on that provider's availability and data handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium (76% confidence)

The function documentation says it returns monthly sales data, but the code returns the full third-party API payload as a formatted string. This mismatch can expose more data than callers expect and may cause downstream agents or workflows to trust, log, or display unintended fields from an external service.

Description-Behavior Mismatch

Medium (71% confidence)

The skill is presented as returning product detail data, but the implementation is tied to a specific third-party endpoint and behavior oriented around a different data purpose. This semantic mismatch is dangerous because users and orchestrators may grant the skill broader trust or use its output in ways inconsistent with what it actually fetches and returns.

VirusTotal

65/65 vendors flagged this skill as clean.