linkfox-amazon-reviews
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: Comprehensive analysis of the provided instructions and scripts confirms that the skill's behavior matches its stated purpose of Amazon review analysis with no detected malicious intent.
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
scripts/amazon_reviews.pyandscripts/amazon_us_reviews.py) to interface with its backend API. These scripts are implemented using standard libraries and take parameters via command-line arguments. - [DATA_EXFILTRATION]: The Python scripts perform HTTPS POST requests to
tool-gateway.linkfox.comandskill-api.linkfox.com. These are legitimate vendor resources belonging to 'linkfox-ai' and are used for data retrieval and feedback submission. - [PROMPT_INJECTION]: The skill processes untrusted external data (Amazon reviews), which presents an indirect prompt injection surface. This is inherent to the skill's primary function of review analysis.
- Ingestion points: External review content is fetched via the API and processed in
scripts/amazon_reviews.pyandscripts/amazon_us_reviews.py. - Boundary markers: Absent; review text is not specifically delimited to prevent the agent from interpreting instructions within the text.
- Capability inventory: The skill is restricted to network operations on vendor-owned domains and does not possess capabilities for unauthorized filesystem access or system modifications.
- Sanitization: No explicit sanitization or filtering of the fetched review text is performed before it is presented to the agent.
Audit Metadata