linkfox-amazon-store-orders

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run for internal task orchestration and dependency management.
  • In scripts/_spapi_orders_common.py, the skill executes scripts/check_auth_dependency.py to ensure required authentication skills are installed.
  • In scripts/response_io.py, the script acts as a wrapper that executes API-specific scripts (like search_orders.py) using the sys.executable to safely handle response data.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its interaction with external API data.
  • Ingestion points: Data is ingested from the Amazon SP-API via the LinkFox proxy gateway in scripts such as search_orders.py and get_order.py.
  • Boundary markers: The data is consistently handled as structured JSON. The response_io.py utility further mitigates risk by allowing the agent to project only specific required fields.
  • Capability inventory: The skill performs HTTPS requests to the vendor's API gateway and executes internal Python scripts.
  • Sanitization: While the data is parsed as JSON, no explicit content filtering or instruction-bypass delimiters are used for the strings returned by the API.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 12:05 AM