Skill Amazon Spapi

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to match its Amazon SP-API purpose, but it gives an agent Amazon seller-account access and a direct way to change live listing prices without documented approval safeguards.

Install only if you are comfortable giving the agent Amazon SP-API seller access. Use least-privileged credentials, protect the amazon-sp-api.json file, pin the npm dependency, and require manual confirmation before any listing price update.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

No VirusTotal findings for this skill version.

Malicious: 0
Suspicious: 0
Harmless: 0
Undetected: 64

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent runs the update path incorrectly or too broadly, it could change live Amazon listing prices and affect sales, revenue, or account operations.

Why it was flagged

The script can directly patch a live Amazon listing's purchasable offer price using caller-supplied SKU and price values.

Skill content
operation: 'patchListingsItem' ... path: '/attributes/purchasable_offer' ... value_with_tax: parseFloat(price)
Recommendation

Require explicit user approval before any update, add dry-run output, validate price bounds and currency, restrict allowed SKUs/marketplaces, and consider separating read-only scripts from mutation scripts.

What this means

Anyone or any agent process with access to that file may be able to read order and inventory data and perform permitted seller-account actions.

Why it was flagged

The skill requires long-lived Amazon SP-API credentials from a local file; this is expected for the integration, but those credentials can grant significant seller-account authority.

Skill content
"lwaClientSecret": "YOUR_CLIENT_SECRET", "refreshToken": "Atzr|YOUR_REFRESH_TOKEN" ... Save as `amazon-sp-api.json`. Set `AMAZON_SPAPI_PATH`
Recommendation

Use least-privileged SP-API roles, keep the credentials file outside shared folders with restrictive permissions, rotate tokens if exposed, and ensure registry/skill metadata clearly declares the credential requirement.

What this means

Future installs may pull a different package version than the one the skill author tested or the reviewer saw.

Why it was flagged

The setup installs an external npm dependency without a pinned version or lockfile in the provided artifacts.

Skill content
npm install amazon-sp-api
Recommendation

Pin the dependency version, provide a package-lock file or install spec, and review the npm package provenance before use.