Trusted — Risk Score 5/100
Last scan: 2 days ago
amazon-review-workbook
Collect Amazon product reviews via Chrome CDP and export a 14-column delivery-ready workbook with optional DeepLX translation and model-assisted semantic tagging.
Legitimate Amazon review scraper using Chrome CDP; all operations are documented, scoped, and appropriate for the stated purpose.
Skill Name: amazon-review-workbook
Duration: 49.5s
Engine: pi
Safe to install
No action needed. The skill is safe to use as documented.

Findings (5 items)

Severity | Finding | Location
Low | No dependency version pinning | scripts/amazon_review_workbook.py:1
  requirements.txt/package.json not present; requests library pinned to * in code imports. No known CVEs for used versions.
  Evidence: import requests
  → Add a requirements.txt with pinned versions if distributing as a package
Info | Chrome CDP browser automation | scripts/amazon_review_workbook.py:657
  Uses Chrome remote debugging protocol (port 9222) to scrape Amazon. All CDP eval expressions are reviewed; no data exfiltration beyond what is scraped from Amazon.
  Evidence: BrowserSession class
  → None; this is the documented mechanism
Info | External network calls only to user-configured DeepLX | scripts/deeplx_translate.py:95
  Network requests go to a URL configured by the user via the DEEPLX_API_URL environment variable. No hardcoded external IPs.
  Evidence: requests.post(api_url, ...)
  → None; this is the documented translation feature
Info | No sensitive path access | scripts/amazon_review_workbook.py:1
  Script does not access ~/.ssh, ~/.aws, or .env (other than its own optional .env for DeepLX config), or any credential stores outside its documented scope.
  Evidence: No os.environ iteration for secrets
  → None
Info | No hidden functionality | scripts/amazon_review_workbook.py:637
  All code paths are traceable to documented SKILL.md capabilities. CDP expressions are visible inline. No obfuscation, eval(), or base64 payloads.
  Evidence: browser.eval(expression)
  → None
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | Reads JSON/CSV/XLSX output files and local .env
Network | READ | READ | ✓ Aligned | Makes HTTP POST to user-configured DeepLX endpoint only
Shell | WRITE | WRITE | ✓ Aligned | Executes Python scripts via CLI; standard for script-based skills
Environment | NONE | READ | ✓ Aligned | Reads DEEPLX_API_URL/KEY from environment; does not harvest credentials
Skill Invoke | NONE | NONE | | No skill invocation chains detected
Clipboard | NONE | NONE | | No clipboard access
Browser | READ | READ | ✓ Aligned | Chrome CDP on localhost:9222; strictly scoped to scraping
Database | WRITE | WRITE | ✓ Aligned | SQLite cache for review data; contained in output directory
External URLs (2 findings)

Severity | Finding | URL | Location
Medium | External URL | https://your-deeplx-host/translate | README.md:53
Medium | External URL | http://127.0.0.1: | scripts/amazon_review_workbook.py:675

File Tree

12 files · 175.0 KB · 5210 lines
Python: 5 files · 4471 lines; Markdown: 6 files · 735 lines; YAML: 1 file · 4 lines
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 4L · 352 B
├─ 📁 references
│ ├─ 📝 output-schema.md Markdown 81L · 2.4 KB
│ ├─ 📝 setup.md Markdown 104L · 3.1 KB
│ └─ 📝 tagging-guidelines.md Markdown 129L · 4.1 KB
├─ 📁 scripts
│ ├─ 🐍 amazon_review_workbook.py Python 2415L · 83.8 KB
│ ├─ 🐍 deeplx_translate.py Python 330L · 9.6 KB
│ ├─ 🐍 label_workflow.py Python 663L · 20.3 KB
│ ├─ 🐍 review_cache.py Python 465L · 15.7 KB
│ └─ 🐍 review_delivery_schema.py Python 598L · 18.6 KB
├─ 📝 LICENSE.zh-CN.md Markdown 23L · 1.1 KB
├─ 📝 README.md Markdown 240L · 6.4 KB
└─ 📝 SKILL.md Markdown 158L · 9.7 KB

Dependencies (5 items)

Package | Version | Source | Known Vulns | Notes
requests | * | pip | No | No known CVE for current version; should be pinned for production
websocket-client | * | pip | No | Used for Chrome CDP WebSocket
pandas | * | pip | No | Workbook generation
openpyxl | * | pip | No | XLSX output
sqlite3 | built-in | stdlib | No | Local caching

Security Positives

✓ Comprehensive SKILL.md with explicit capability declarations
✓ Clean separation of concerns across 5 focused Python modules
✓ Chrome CDP access strictly scoped to localhost:9222
✓ No credential harvesting beyond optional DeepLX API key (used only for translation)
✓ No data exfiltration — all scraped data stays in local output directory
✓ SQLite cache contained within output directory, not system paths
✓ No subprocess or shell command injection vectors
✓ No base64/eval/atob obfuscation patterns
✓ No remote script download (curl|bash, wget|sh)
✓ No iteration through os.environ for sensitive keys
✓ No access to ~/.ssh, ~/.aws/credentials, or similar sensitive paths
✓ Well-structured code with type hints and error handling
✓ Explicit failure boundaries documented in SKILL.md