linkfox-keepa-product-request

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions (SKILL.md) suggest downloading an onboarding utility from the vendor's domain (https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip) if the API key is missing. This targets the developer's own infrastructure and is documented as a setup procedure.
  • [COMMAND_EXECUTION]: The skill invokes a Python script (scripts/keepa_product_detail.py) to handle API requests, caching, and local data persistence. The script uses standard libraries and performs authorized network operations.
  • [DATA_EXFILTRATION]: The skill sends product identifiers (ASINs) to the vendor's API gateway at https://tool-gateway.linkfox.com. This is the core functional purpose of the skill. It also reads the LINKFOX_AGENT_API_KEY from the environment for authentication.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external Amazon product data which could theoretically contain malicious strings in fields like 'title' or 'brand'.
  • Ingestion points: Data is received from the Keepa API endpoint in scripts/keepa_product_detail.py.
  • Boundary markers: None explicitly defined in the display instructions for the agent.
  • Capability inventory: The skill has the ability to write JSON files to the local workspace and perform network requests to the vendor gateway.
  • Sanitization: The script parses the response as structured JSON and provides a summary for large payloads, reducing the risk of the agent executing raw text from the external source.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 02:28 PM