linkfox-fastmoss-product-search
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill retrieves a sensitive API key (
LINKFOXAGENT_API_KEY) from the environment and transmits it totool-gateway.linkfox.com. This is the intended behavior for authenticating with the developer's API. - [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/fastmoss_product_search.py) used to perform API queries. It accepts user-provided search parameters as JSON input via command-line arguments. - [EXTERNAL_DOWNLOADS]: The skill communicates with external endpoints managed by the author (
linkfox-ai), specificallytool-gateway.linkfox.comfor product data andskill-api.linkfox.comfor feedback reporting. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
- Ingestion points: The agent ingests external product titles, category names, and trend labels from the
fastmoss/productSearchAPI endpoint. - Boundary markers: There are no explicit instructions or delimiters used to separate external data from the system prompt or to warn the agent to ignore embedded instructions in the product data.
- Capability inventory: The skill has network access capabilities through the provided Python script to fetch data from the vendor's API.
- Sanitization: No evidence of sanitization or validation of the content returned from the external API before it is displayed to the user.
Audit Metadata