Back to skill

Security audit

Ads Optimizer Skill

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Amazon Ads reporting skill that uses expected credentials and Amazon network calls, with some safety notes around secret handling and output paths.

Install only if you are comfortable letting the agent use Amazon Ads credentials for reporting. Keep amazon-ads-api.json out of source control, restrict its filesystem permissions, use the least-privileged Ads access available, review any --out path before running, and treat this version as a reporting tool rather than a true bid or keyword optimizer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation indicates it requires environment-variable access and network connectivity to read credentials and call the Amazon Ads API, but it does not declare those permissions explicitly. This creates a transparency and governance gap: operators may approve or run the skill without understanding that it can access local secrets and make outbound requests to external endpoints.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/ads.js:12

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
scripts/ads.js:32