linkfox-echotik-product-search
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill initiates network requests to the vendor's official API gateway at
tool-gateway.linkfox.comand a feedback endpoint atskill-api.linkfox.com. These operations are consistent with the skill's documented purpose of retrieving e-commerce analytics data. - [SAFE]: Secret management follows best practices by retrieving the API key from an environment variable (
LINKFOXAGENT_API_KEY) rather than using hardcoded credentials. - [SAFE]: The Python script
scripts/echotik_list_product.pyuses standard library modules (urllib.request,json,os,sys) for network communication and parameter parsing. It does not employ dynamic code execution (e.g., eval, exec) or suspicious subprocess calls. - [SAFE]: No obfuscation, prompt injection attempts, or persistence mechanisms were found in the skill metadata, instructions, or associated scripts.
Audit Metadata