linkfox-amazon-opportunity-screener
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/response_io.pyutility usessubprocess.runto execute the bundled API scriptscripts/amazon_opportunity_screener.py. This is an architectural choice used to capture large JSON responses to disk, preventing context window overflow in the AI agent. The command is executed using a list of arguments without a shell, which is a safe practice. - [DATA_EXFILTRATION]: The skill communicates with
tool-gateway.linkfox.comandskill-api.linkfox.com. These are official endpoints belonging to the vendor, LinkFox AI. Sensitive information like the API key is handled through standard environment variables rather than being hardcoded. - [EXTERNAL_DOWNLOADS]: No evidence was found of the skill downloading or executing code from untrusted third-party sources. All scripts are bundled within the skill package.
- [SAFE]: The script
scripts/response_io.pyimplements secure file handling by allowing the agent to specify temporary output directories and providing warnings regarding the sensitivity of the stored data snapshots.
Audit Metadata