product-research

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external data, specifically Amazon product titles and customer reviews, as documented in the workflow in SKILL.md and the templates in references/prompt_templates.md. Because that text is fed to the model as part of the analysis, it is a surface for indirect prompt injection: instructions embedded in a product listing or review could influence the agent's behavior. The data is inherent to the skill's purpose, so the mitigation is in how the templates frame it (as data to be analyzed, not as instructions), not in avoiding it.
  • [COMMAND_EXECUTION]: scripts/api_client.py uses subprocess.run to invoke the system curl binary for calls to the Sorftime API. The implementation passes a list of arguments rather than a shell string, so the shell never interprets metacharacters in the values; this rules out shell injection but does not by itself validate the arguments, and the ability to execute local binaries remains a sensitive capability.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to mcp.sorftime.com to fetch market reports, product details, and trends. These downloads are core to the skill's functionality and target a well-known service in the Amazon seller tooling ecosystem; the fetched content is the same untrusted product data noted under PROMPT_INJECTION.
  • [CREDENTIALS_UNSAFE]: scripts/api_client.py reads the Sorftime API key from the .mcp.json configuration file in the project root. This is the standard configuration pattern for MCP-based tools, but it means the skill reads a file holding a secret, so the key is only as well protected as that file's permissions and the script's handling of it (it is sent on every request and must not reach logs or prompts).
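The following is an added example for this audit page, not code from the product-research skill or from Sorftime. It shows the two audited mechanisms with the checks a reviewer would want around them: reading the key from .mcp.json while refusing a file readable by other users, and building a curl argv list that never passes through /bin/sh, with a side-by-side run showing why the list form matters. Assumed rather than taken from the page: the .mcp.json layout (mcpServers → sorftime → env → SORFTIME_API_KEY), the Bearer authorization header, the /reports endpoint, and the use of printf as an offline stand-in for curl.

```python
"""Added example for this audit page; not code from the product-research
skill or from Sorftime. The .mcp.json layout, the SORFTIME_API_KEY name, the
Bearer header and the /reports endpoint are assumptions."""
import json
import stat
import subprocess
import tempfile
from pathlib import Path
from urllib.parse import urlencode

SORFTIME_HOST = "mcp.sorftime.com"  # host named in the audit
CONFIG_NAME = ".mcp.json"           # file named in the audit
SERVER_NAME = "sorftime"            # assumed entry name inside .mcp.json
KEY_FIELD = "SORFTIME_API_KEY"      # assumed name of the key field


def load_api_key(project_root: Path) -> str:
    """Read the key from <project_root>/.mcp.json.

    Assumed layout: {"mcpServers": {"sorftime": {"env": {"SORFTIME_API_KEY": "..."}}}}.
    A file readable by group or other is refused, so a key that would leak
    through loose permissions is caught before the skill ever sends it."""
    path = project_root / CONFIG_NAME
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        raise PermissionError(f"{path} has mode {mode:04o}; expected 0600")
    config = json.loads(path.read_text(encoding="utf-8"))
    key = config["mcpServers"][SERVER_NAME]["env"][KEY_FIELD]
    if not key or any(c.isspace() for c in key):
        raise ValueError("API key is empty or contains whitespace")
    return key


def build_curl_argv(api_key: str, endpoint: str, params: dict) -> list:
    """Return the argv list for curl, the list-of-arguments form the audit notes.

    Two things keep untrusted parameter values inert: the list form of
    subprocess.run() execs curl directly (no shell, so ';' and '$(...)' stay
    literal), and urlencode() percent-encodes the values so they cannot break
    out of the query string. The URL always starts with https://, so no value
    can be read by curl as an option."""
    if not endpoint.startswith("/"):
        raise ValueError("endpoint must be an absolute path such as /reports")
    url = f"https://{SORFTIME_HOST}{endpoint}?{urlencode(params)}"
    return ["curl", "--silent", "--show-error", "--fail",
            "-H", f"Authorization: Bearer {api_key}", url]


def run_list_vs_shell(value: str) -> tuple:
    """Feed one attacker-shaped value through both invocation styles.

    printf stands in for curl so this runs offline. The list form hands the
    value to printf as a single argument; the shell=True form splices it into
    a command line that /bin/sh parses, which is the bug the audit notes the
    skill avoids."""
    safe = subprocess.run(["printf", "%s", value], capture_output=True, text=True)
    unsafe = subprocess.run("printf %s " + value, shell=True,
                            capture_output=True, text=True)
    return safe.stdout, unsafe.stdout


def demo() -> dict:
    """Constructed fixture: a temporary project root holding a .mcp.json."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        cfg = root / CONFIG_NAME
        cfg.write_text(json.dumps({"mcpServers": {SERVER_NAME: {
            "env": {KEY_FIELD: "sk-example-not-a-real-key"}}}}))

        cfg.chmod(0o644)                      # world-readable: must be refused
        loose_rejected = False
        try:
            load_api_key(root)
        except PermissionError:
            loose_rejected = True

        cfg.chmod(0o600)                      # owner-only: accepted
        key = load_api_key(root)

    argv = build_curl_argv(key, "/reports",
                           {"asin": "B0TEST; rm -rf ~", "market": "US"})
    list_out, shell_out = run_list_vs_shell("B0TEST; echo INJECTED")
    return {"loose_perms_rejected": loose_rejected, "key": key, "argv": argv,
            "list_form_output": list_out, "shell_form_output": shell_out}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Running the file prints the fixture results: the 0644 config is refused, the 0600 one yields the key, the hostile ASIN survives only as a percent-encoded query value, and the same string that the list form passes through untouched makes the shell form execute the trailing echo. The permission check is a reviewer's addition; the audit only states that the script reads the file.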
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 10:55 AM