linkfox-ehunt-temu-store-query

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/response_io.py utilizes subprocess.run to execute primary skill scripts. This architecture is designed to manage large API responses by capturing output and providing timeouts. The implementation uses the current Python interpreter and disables shell execution, which prevents shell-level command injection.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes data from external Temu store listings. Ingestion occurs through the ehunt/temu/storeQuery endpoint. The skill lacks explicit boundary markers or sanitization for this third-party data, which is subsequently accessible to the agent's subprocess execution capabilities.
  • [EXTERNAL_DOWNLOADS]: The scripts/response_io.py script references the jmespath library for complex JSON processing. While not a standard library, the script includes a fallback mechanism if the package is not installed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 02:08 AM