Skill Amazon Ads Optimizer

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: skill-amazon-ads-optimizer
Version: 1.0.0

The skill is classified as suspicious due to a significant arbitrary file write vulnerability in `scripts/ads.js`. The script uses `fs.writeFileSync` with the `--out` command-line argument, which directly takes a user-provided file path. If an attacker can control the arguments passed to this script (e.g., via prompt injection against the OpenClaw agent), they could write arbitrary data to any file on the system, potentially leading to remote code execution or system compromise. While the stated purpose of saving campaign data is benign, the lack of input sanitization for the output path creates a high-risk exploit vector. All network calls are to legitimate Amazon API endpoints, and there is no evidence of intentional data exfiltration or other malicious behavior.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Any person, or any agent run, with read access to the credentials file can retrieve Amazon Ads profile and campaign information for that account.

Why it was flagged

The skill uses a local Amazon Ads credentials file containing a refresh token and client secret to obtain an access token. This is expected for the advertised integration, but it grants account access.

Skill content

refresh_token: creds.refreshToken,
client_id: creds.lwaClientId,
client_secret: creds.lwaClientSecret,

Recommendation

Store the credentials file securely, use the narrowest Amazon Ads permissions available, avoid sharing exported outputs, and rotate the refresh token if you suspect exposure.

What this means

If an agent or user supplies the wrong output path, an existing writable file could be overwritten with campaign data.

Why it was flagged

The CLI can write campaign export data to any path supplied with --out. This is documented and user-directed, but the path is not restricted or overwrite-protected.

Skill content

if (args.out) {
  fs.writeFileSync(args.out, JSON.stringify({ fetchedAt: new Date().toISOString(), totalResults: data.totalResults, campaigns }, null, 2));
}

Recommendation

Use an explicit safe output path, such as a temporary or project-local filename, and review commands before allowing the agent to write files.