📦

審計紀錄

amazon-asin-lookup-api-skill - 3 審計

審計版本 3

最新 中風險

Jun 28, 2026, 05:20 PM

The critical static heuristic is not confirmed as malicious: the network calls, local script execution, and environment variable access match the declared BrowserAct ASIN lookup workflow. The skill still presents medium risk because it sends ASIN workflow data to a third-party API and includes guidance that may lead users to share an API key in chat.

2
已掃描檔案
206
分析行數
9
發現
codex
審計單位
中風險問題 (2)
API Key Handling Guidance May Expose Secrets
The skill tells the agent to ask for the BrowserAct API key when the environment variable is missing, and the script output says the user may provide it in chat. This is not confirmed exfiltration, but it encourages secret disclosure outside a dedicated secrets store.
Third-Party Network Workflow With Authorization Header
The Python script sends ASIN workflow requests to BrowserAct and polls for task status and output using a bearer token. This matches the stated function, but users should understand that product lookup inputs and workflow metadata leave the local environment.
低風險問題 (4)
Static External Command Findings Are Mostly Markdown False Positives
The reported Ruby or shell backtick execution markers in SKILL.md are Markdown inline code and fenced code examples, not Ruby backtick execution. The only real command guidance is a local Python script invocation using an ASIN argument.
Static Weak Cryptography Findings Are False Positives
The cited SKILL.md lines describe ASIN lookup, product descriptions, and output fields. No cryptographic algorithm, hashing operation, or security-sensitive crypto configuration is present.
System Reconnaissance Findings Are Status Checks
The cited code checks API authorization messages and task identifiers, while the documentation discusses avoiding captcha and retrying authorization failures. No host, user, process, network interface, or filesystem reconnaissance was found.
Critical Combination Heuristic Not Confirmed As Malicious
The skill combines script execution, network access, and environment variable access, but those behaviors are transparent and required for the BrowserAct lookup workflow. No obfuscation, hidden endpoint, prompt injection attempt, or unauthorized data exfiltration was found.

偵測到的模式

Bearer Token Used In Outbound RequestsCredential Collection Suggested Through Chat

審計版本 2

低風險

May 21, 2026, 08:09 AM

The static analysis found 57 potential issues with a risk score of 100/100, but manual evaluation confirms all are false positives or expected patterns for this legitimate API-wrapper skill. The skill makes documented HTTP requests to api.browseract.com, reads a declared BROWSERACT_API_KEY environment variable, and executes a Python script -- all operations are transparent, serve the declared Amazon product lookup purpose, and show no evidence of malicious intent, data exfiltration, obfuscation, or prompt injection.

2
已掃描檔案
206
分析行數
4
發現
claude
審計單位
未發現安全問題

審計版本 1

安全

Apr 28, 2026, 09:10 AM

All 57 static findings evaluated as false positives. Network access is limited to BrowserAct API for legitimate product data retrieval. Environment variable access is for user-provided API credentials only. No malicious behavior, data exfiltration, or prompt injection detected.

2
已掃描檔案
206
分析行數
2
發現
claude
審計單位
未發現安全問題