linkfox-amazon-store-aplus-content

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs internal command execution to verify environment prerequisites.
  • Evidence: In scripts/_spapi_aplus_common.py, the ensure_auth_skill_available function uses subprocess.run to execute the local scripts/check_auth_dependency.py script using the current Python interpreter.
  • [DATA_EXFILTRATION]: The skill transmits data to the vendor's API gateway.
  • Evidence: Network requests are sent to https://tool-gateway.linkfox.com. As this domain belongs to the skill's author (linkfox-ai) and serves as the documented proxy for the Amazon Selling Partner API, it is considered a legitimate vendor resource.
  • [SAFE]: The skill implements local file writing for auditing purposes.
  • Evidence: The emit_result function in scripts/_spapi_aplus_common.py saves full API response JSON files to a linkfox directory within the user's workspace to facilitate debugging and data extraction.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM