linkfox-amazon-reviews-list
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/amazon_reviews.pyto handle parameter validation, API communication, and result processing. It includes logic to write JSON responses to the project directory for persistence and analysis. - [DATA_EXFILTRATION]: Transmits user-provided ASINs, keywords, and marketplace identifiers to the vendor's API endpoint
tool-gateway.linkfox.comto retrieve review data. It also sends session metadata (SESSION_ID, APP_NAME) in request headers. - [EXTERNAL_DOWNLOADS]: Instructs the agent to download a skill installation package from the vendor's official domain
agent-files.linkfox.comif authentication fails or credits are insufficient. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting untrusted data (Amazon customer reviews).
- Ingestion points: Data enters the environment through the JSON response of
call_apiinscripts/amazon_reviews.py. - Boundary markers: The script does not wrap review content in specific security delimiters before printing it to standard output or saving to file.
- Capability inventory: The skill can perform network requests (
urllib), file writes (os.open), and command execution (scripts/amazon_reviews.py). - Sanitization: There is no evidence of content sanitization or instruction-filtering for the
textfield of the retrieved reviews.
Audit Metadata