linkfox-amazon-reviews-list

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/amazon_reviews.py to handle parameter validation, API communication, and result processing. It includes logic to write JSON responses to the project directory for persistence and analysis.
  • [DATA_EXFILTRATION]: Transmits user-provided ASINs, keywords, and marketplace identifiers to the vendor's API endpoint tool-gateway.linkfox.com to retrieve review data. It also sends session metadata (SESSION_ID, APP_NAME) in request headers.
  • [EXTERNAL_DOWNLOADS]: Instructs the agent to download a skill installation package from the vendor's official domain agent-files.linkfox.com if authentication fails or credits are insufficient.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting untrusted data (Amazon customer reviews).
  • Ingestion points: Data enters the environment through the JSON response of call_api in scripts/amazon_reviews.py.
  • Boundary markers: The script does not wrap review content in specific security delimiters before printing it to standard output or saving to file.
  • Capability inventory: The skill can perform network requests (urllib), file writes (os.open), and command execution (scripts/amazon_reviews.py).
  • Sanitization: There is no evidence of content sanitization or instruction-filtering for the text field of the retrieved reviews.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 02:29 PM