linkfox-jiimore-niche-review
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill facilitates data retrieval from vendor-controlled domains (linkfox.com). This is essential for the described functionality and does not involve exfiltration to untrusted third parties.
- [COMMAND_EXECUTION]: The skill includes a script for API interaction. This script is limited to network requests using the standard library and does not execute arbitrary shell commands.
- [CREDENTIALS_UNSAFE]: Secret management is handled via the LINKFOXAGENT_API_KEY environment variable, following security best practices.
- [SAFE]: The skill exhibits an indirect prompt injection surface by processing Amazon reviews. Evidence: 1. Ingestion: API data processed in scripts/jiimore_get_niche_review.py and references/api.md. 2. Boundaries: Instructions specify clear tabular formatting and sentiment grouping in SKILL.md. 3. Capabilities: Limited to JSON output and authenticated network calls to the vendor. 4. Sanitization: Handled by agent output formatting instructions.
Audit Metadata