linkfox-amazon-store-orders
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
subprocess.runfor internal task orchestration and dependency management. - In
scripts/_spapi_orders_common.py, the skill executesscripts/check_auth_dependency.pyto ensure required authentication skills are installed. - In
scripts/response_io.py, the script acts as a wrapper that executes API-specific scripts (likesearch_orders.py) using thesys.executableto safely handle response data. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its interaction with external API data.
- Ingestion points: Data is ingested from the Amazon SP-API via the LinkFox proxy gateway in scripts such as
search_orders.pyandget_order.py. - Boundary markers: The data is consistently handled as structured JSON. The
response_io.pyutility further mitigates risk by allowing the agent to project only specific required fields. - Capability inventory: The skill performs HTTPS requests to the vendor's API gateway and executes internal Python scripts.
- Sanitization: While the data is parsed as JSON, no explicit content filtering or instruction-bypass delimiters are used for the strings returned by the API.
Audit Metadata