Back to skill
Skillv1.0.0
ClawScan security
Amazon Ads API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 28, 2026, 2:40 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (managing Amazon Ads via LWA credentials); nothing in the files requests unrelated secrets or contacts unexpected endpoints, but the publisher is unverified and the skill stores sensitive tokens in a local JSON file so use caution.
- Guidance
- This skill appears to do what it says: it uses your LWA client id/secret and refresh token to call Amazon Ads endpoints. Before installing or running it, verify the source (there's no homepage and owner is unverified), review the included script yourself, and avoid pasting long-lived secrets into shared repos. If you must use it, store amazon-ads-api.json with strict filesystem permissions (e.g., chmod 600), set AMAZON_ADS_PATH to a secure path, run the script in a sandbox or isolated environment first, and rotate credentials if you stop trusting the skill. Also consider creating an LWA app with limited permissions and short-lived credentials where possible.
Review Dimensions
- Purpose & Capability
- okName/description, SKILL.md, and scripts/ads.js are consistent: the skill implements Amazon Ads API v3 operations and requires node. The credentials and endpoints requested are appropriate for Amazon Ads.
- Instruction Scope
- noteInstructions confine actions to reading a local credentials JSON, requesting tokens from https://api.amazon.com, and calling Amazon advertising endpoints; the script may write an output file when --out is used. Note: SKILL.md asks the user to store LWA client secret and refresh token in a plaintext file (amazon-ads-api.json), which is a sensitive practice and should be protected.
- Install Mechanism
- okNo install spec is provided (instruction-only), and the only required binary is node. Included script is self-contained and performs network calls; nothing is downloaded from external/personal URLs during install.
- Credentials
- noteThe skill requests LWA client id/secret, refresh token, profileId and region—these are expected for Amazon Ads use. However, they are stored/read from a local JSON file (unprotected by default). The SKILL.md references an optional AMAZON_ADS_PATH env var but the registry metadata lists no required env vars; this mismatch is minor but worth noting.
- Persistence & Privilege
- okThe skill is not always-enabled, does not request persistent platform privileges, and does not modify other skills or agent configs. It runs on-demand (or via normal autonomous invocation) and only reads/writes the credential file and optional output file.