linkfox-amazon-store-auth
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (authorize_url.py, authorized_stores.py, refresh_token.py, store_tokens.py) that facilitate communication with the LinkFox API gateway. These scripts parse user-provided JSON parameters from command-line arguments to execute specific store management tasks.
- [DATA_EXFILTRATION]: The skill handles sensitive data, including Amazon Selling Partner API access and refresh tokens. Security best practices are implemented by masking these tokens in the script output (e.g., displaying only the first 10 characters followed by an ellipsis) to prevent accidental exposure in log files or terminal history. All network communication is directed to the vendor's authorized API endpoints.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or private tokens are present in the source code or documentation. The skill correctly utilizes the LINKFOXAGENT_API_KEY environment variable for authentication, which is a standard and recommended practice for managing sensitive credentials.
- [PROMPT_INJECTION]: The skill defines a surface for potential indirect prompt injection as it processes user-provided inputs like seller names and region codes, and consumes data from the LinkFox gateway API. However, the risk is negligible as the data is handled within structured JSON formats and the skill's capabilities are restricted to specific store management functions.
  - Ingestion points: User-supplied store names and API responses from tool-gateway.linkfox.com.
  - Boundary markers: Data is exchanged using structured JSON formats.
  - Capability inventory: Network requests are performed using the standard Python urllib library to communicate with the vendor's gateway.
  - Sanitization: Input is validated for required fields and data types, and sensitive outputs are masked.
Audit Metadata