amazon-ppc-campaign
Fail
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill utilizes a piped command to process JSON data from an official Amazon suggestion API using a Python one-liner. Evidence:
curl -s "https://completion.amazon.com/api/2017/suggestions..." | python3 -c ...inSKILL.md.- [EXTERNAL_DOWNLOADS]: Fetches external product data from Amazon marketplaces to extract competitive intelligence. Evidence:scripts/fetch-competitor.shusescurlto retrieve HTML content from various Amazon domains.- [COMMAND_EXECUTION]: Executes local shell scripts and system utilities to automate research tasks. Evidence: Invokesscripts/fetch-competitor.shand usescurlandpython3via subprocesses as described in the workflow instructions.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the processing of untrusted external content. - Ingestion points:
scripts/fetch-competitor.shretrieves data from external Amazon product listings (titles, bullets). - Boundary markers: Absent; extracted data is provided to the agent without isolation delimiters.
- Capability inventory: Performs network operations via
curl, dynamic execution viapython3, and local script execution. - Sanitization: Processing is limited to basic string manipulation using
grepandsedfor data extraction.
Recommendations
- HIGH: Downloads and executes remote code from: https://completion.amazon.com/api/2017/suggestions?mid=ATVPDKIKX0DER&alias=aps&prefix= - DO NOT USE without thorough review
Audit Metadata