linkfox-fastmoss-product-search

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The skill retrieves a sensitive API key (LINKFOXAGENT_API_KEY) from the environment and transmits it to tool-gateway.linkfox.com. This is the intended behavior for authenticating with the developer's API.
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/fastmoss_product_search.py) used to perform API queries. It accepts user-provided search parameters as JSON input via command-line arguments.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with external endpoints managed by the author (linkfox-ai), specifically tool-gateway.linkfox.com for product data and skill-api.linkfox.com for feedback reporting.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
  • Ingestion points: The agent ingests external product titles, category names, and trend labels from the fastmoss/productSearch API endpoint.
  • Boundary markers: There are no explicit instructions or delimiters used to separate external data from the system prompt or to warn the agent to ignore embedded instructions in the product data.
  • Capability inventory: The skill has network access capabilities through the provided Python script to fetch data from the vendor's API.
  • Sanitization: No evidence of sanitization or validation of the content returned from the external API before it is displayed to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 12:04 AM