linkfox-ehunt-shopify-store-query

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: All network operations are directed to the vendor's official domain (linkfox.com) for API queries and feedback.
  • [SAFE]: Authentication is handled correctly via the LINKFOXAGENT_API_KEY environment variable, with no hardcoded credentials found in the code.
  • [COMMAND_EXECUTION]: The scripts/response_io.py utility uses subprocess.run to execute other local scripts within the skill. This is a controlled pattern used for managing large API responses by persisting them to disk and does not allow for arbitrary shell command injection.
  • [SAFE]: The skill implements basic sanitization for file operations, such as filtering labels used in filenames to prevent path traversal in the response_io.py script.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 02:08 AM