ebay-review-checker
Warn
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The generated HTML report fetches the Chart.js library from the JSDelivr CDN (https://cdn.jsdelivr.net/npm/chart.js), which is a well-known and trusted service.
- [DATA_EXFILTRATION]: The script 'scripts/report_html.py' writes analysis results and processed review content to a local file named 'review_analysis_report.html', which could lead to unauthorized data exposure on the local system.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and contains deceptive metadata.
  - Ingestion points: 'scripts/analyzer.py' and 'scripts/parser.py' ingest untrusted feedback data provided by the user or fetched from eBay.
  - Boundary markers: Absent; there are no instructions or delimiters to help the agent distinguish between its instructions and the untrusted data it processes.
  - Capability inventory: The skill can write files to the local system using 'scripts/report_html.py'.
  - Sanitization: Absent; review content is interpolated directly into an HTML template via JavaScript 'innerHTML' calls in 'scripts/report_html.py', creating a Cross-Site Scripting (XSS) vulnerability surface. Additionally, internal docstrings and the report footer consistently refer to 'Amazon Review Checker', which is misleading given the skill's name and stated eBay focus.
- [COMMAND_EXECUTION]: The skill instructs the agent to run Python scripts for data analysis and report generation, which is expected behavior for its primary purpose.
Audit Metadata