ClawHub
Back to skill

Security audit

Skill Amazon Spapi

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims for Amazon SP-API, but it gives an agent live seller-account power to change listing prices and export order data without strong safeguards.

Install only if you are comfortable giving the agent Amazon seller-account access. Use least-privileged SP-API credentials, keep amazon-sp-api.json out of shared or synced folders, review the npm dependency version, and require human approval or a wrapper with dry-run, SKU allowlists, and price limits before any listing update.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill supports live listing updates and pricing changes, but the description and usage notes do not prominently warn that these actions can modify production marketplace data. In an agent setting, insufficient warning increases the chance of accidental destructive or business-impacting actions such as price corruption or unintended listing edits.

Missing User Warnings

Medium
Confidence
78% confidence
Finding
This line writes the full order object and associated order items to a user-chosen local file, which may include sensitive customer, shipping, or transactional data returned by the Amazon SP-API. In an agent or automation context, this increases the chance of persistent local exposure, accidental sharing, or storage in insecure locations because there is no warning, minimization, or access control around the export.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal