TL;DR
This paper introduces SkillScanner, a static analysis tool designed to detect policy violations in voice application code during development, aiming to reduce policy violations in the Amazon Alexa skills store.
Contribution
The paper presents SkillScanner, a novel static analysis tool that identifies policy violations early in voice app development, supported by an empirical evaluation on open source skills.
Findings
SkillScanner detected 1,328 policy violations in 786 skills.
32% of violations stem from code duplication.
Code examples from official Alexa repositories contain violations leading to more violations in other skills.
Abstract
The Amazon Alexa marketplace is the largest Voice Personal Assistant (VPA) platform with over 100,000 voice applications (i.e., skills) published to the skills store. In an effort to maintain the quality and trustworthiness of voice-apps, Amazon Alexa has implemented a set of policy requirements to be adhered to by third-party skill developers. However, recent works reveal the prevalence of policy-violating skills in the current skills store. To understand the causes of policy violations in skills, we first conduct a user study with 34 third-party skill developers focusing on whether they are aware of the various policy requirements defined by the Amazon Alexa platform. Our user study results show that there is a notable gap between VPA's policy requirements and skill developers' practices. As a result, it is inevitable that policy-violating skills will be published. To prevent the…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
