Back to skill

Security audit

Amazon Review Analyzer

Security checks across malware telemetry and agentic risk

Overview

The available evidence points to a review-analysis skill with some prompt-scoping issues, but not hidden, destructive, credential-stealing, or persistence behavior.

Install only if you are comfortable with a skill that may trigger review analysis broadly and may default to Chinese output. Prefer using it with explicit product identifiers and clear language instructions, and review any API-cost or scraping terms before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The default prompt auto-invokes the skill with a very broad phrase and no clear user-consent or trigger boundaries. This increases the chance the agent will activate review scraping/analysis in contexts the user did not explicitly intend, which can cause unintended external data access, unnecessary cost, and overbroad task execution.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
Forcing Chinese output in the default prompt without user opt-in can override user intent and reduce transparency, especially if the user expects another language. In security-sensitive or evidence-review workflows, unwanted language coercion can hide important details, impair review, or lead to misunderstandings about the generated report.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.