Back to skill

Security audit

Amazon Ads API

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Amazon Ads reporting skill, but users should protect the local credentials file and be careful with the optional output path.

Install only if you are comfortable giving the agent access to the configured Amazon Ads profile data. Store amazon-ads-api.json outside source control with restrictive permissions, use dedicated or least-privilege credentials where possible, rotate the refresh token if it is exposed, and treat this version as a read/reporting helper despite the broader README wording.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README advertises campaign management, bid changes, and daily optimization for any advertiser account without warning that the skill can make impactful changes to live Amazon Ads campaigns. This can lead users or downstream agents to run the skill in production without understanding the financial and operational risk, increasing the chance of unintended spend, bid shifts, or campaign misconfiguration.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup instructions ask users to place highly sensitive credentials and refresh tokens in a local JSON file without any guidance on secure storage, file permissions, git exclusion, or secret-rotation practices. In an agent environment, this increases the chance that long-lived advertising credentials are exposed through source control, backups, logs, or other local users, enabling unauthorized access to Amazon Ads accounts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/ads.js:12

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
scripts/ads.js:32