Skill Amazon Listing Optimizer
Suspicious. Audited by ClawScan on May 10, 2026.
Overview
The skill largely matches its Amazon image-fixing purpose, but it can change live Amazon listings in bulk and its temporary public web server can expose unintended local files.
Review carefully before installing. If you use it, pin dependencies, protect amazon-sp-api.json, avoid running the public server from a directory near secrets, firewall the port where possible, test with one SKU, inspect the report and fixed images manually, and only then push limited changes to live Amazon listings.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A remote visitor could potentially read local files from the machine running the skill, including nearby credential files such as amazon-sp-api.json.
The public HTTP server serves a filesystem path derived from the request URL without constraining it to the image directory, so path traversal such as ../ could expose files outside the intended folder while the port is open.
const filePath = path.join(dir, req.url.replace(/^\//, '')); ... fs.createReadStream(filePath).pipe(res); ... server.listen(port, '0.0.0.0');
Serve only an allowlist of generated image filenames, resolve and verify paths stay inside the image directory, avoid placing credentials near the served directory, and prefer S3 or pre-signed URLs over a public local file server.
If run with the wrong credentials, broad permissions, or a bad report, the skill can alter live Amazon product listings.
The script reads local Amazon SP-API credentials and uses them to replace live listing image attributes. This is expected for the skill, but it grants high-impact authority over the seller account.
const CREDS_PATH = process.env.AMAZON_SPAPI_PATH || './amazon-sp-api.json'; ... operation: 'patchListingsItem' ... op: 'replace'
Use least-privilege SP-API credentials, protect the credential file, test on a single SKU first, and review every planned patch before pushing.
A mistaken report, mismatched image file, or broad --all run could update many live listings incorrectly.
The documented full pipeline audits all SKUs and then pushes fixes from the report in bulk, with no documented confirmation, dry-run, backup, or rollback step before live updates.
node scripts/audit.js --all --out report.json
python3 scripts/pad_to_square.py ./image_fix/
node scripts/push_images.js --dir ./image_fix/ --from-report report.json
Run SKU-scoped audits first, manually inspect report.json and fixed images, add a dry-run/confirmation gate, and keep backups of previous image URLs for rollback.
Different or compromised dependency versions could change runtime behavior.
The skill asks users to install external packages without pinned versions or a lockfile. This is common setup behavior, but it leaves dependency versions and provenance to the user environment.
pip3 install Pillow
npm install amazon-sp-api
Pin dependency versions, use lockfiles or a reviewed package manifest, and install from trusted registries.
