Skills
skills/linkfox-ai/linkfox-skills/linkfox-amazon-product-detail/Gen Agent Trust Hub

linkfox-amazon-product-detail

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local Python script (scripts/amazon_product_detail.py) to handle API requests and data processing.
  • [DATA_EXFILTRATION]: Product identifiers (ASINs) and user feedback are transmitted to official vendor-controlled endpoints (tool-gateway.linkfox.com and skill-api.linkfox.com).
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets were detected; the skill provides clear instructions for managing API keys through the LINKFOXAGENT_API_KEY environment variable.
  • [PROMPT_INJECTION]: The skill processes untrusted external content (Amazon product descriptions and reviews) which serves as a surface for indirect prompt injection. Ingestion points: API responses from tool-gateway.linkfox.com. Boundary markers: Absent. Capability inventory: API interaction and data rendering. Sanitization: Not explicitly implemented in the provided scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 05:32 AM