linkfox-ehunt-etsy-store-query
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to the vendor's official API gateway at
https://tool-gateway.linkfox.com. This communication is required for the skill's primary function and targets the vendor's own infrastructure. - [CREDENTIALS_UNSAFE]: The skill correctly manages authentication by instructing the user to provide an API key via an environment variable (
LINKFOXAGENT_API_KEY), which is a secure and standard practice for sensitive credentials. - [PROMPT_INJECTION]: The skill processes data from Etsy stores (such as names and categories) which represents a potential surface for indirect prompt injection.
- Ingestion points: Data is ingested via the
_ehunt_storeQueryAPI response (seereferences/api.md). - Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The skill includes a Python script (
scripts/ehunt_etsy_store_query.py) that can perform network operations and execute as a subprocess. - Sanitization: No explicit sanitization or filtering is performed on the incoming store data before being presented to the agent.
Audit Metadata