linkfox-amazon-opportunity-screener

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/response_io.py utility uses subprocess.run to execute the bundled API script scripts/amazon_opportunity_screener.py. This is an architectural choice used to capture large JSON responses to disk, preventing context window overflow in the AI agent. The command is executed using a list of arguments without a shell, which is a safe practice.
  • [DATA_EXFILTRATION]: The skill communicates with tool-gateway.linkfox.com and skill-api.linkfox.com. These are official endpoints belonging to the vendor, LinkFox AI. Sensitive information like the API key is handled through standard environment variables rather than being hardcoded.
  • [EXTERNAL_DOWNLOADS]: No evidence was found of the skill downloading or executing code from untrusted third-party sources. All scripts are bundled within the skill package.
  • [SAFE]: The script scripts/response_io.py implements secure file handling by allowing the agent to specify temporary output directories and providing warnings regarding the sensitivity of the stored data snapshots.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 11:19 AM