linkfox-keepa-product-request
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions (SKILL.md) suggest downloading an onboarding utility from the vendor's domain (
https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip) if the API key is missing. This targets the developer's own infrastructure and is documented as a setup procedure. - [COMMAND_EXECUTION]: The skill invokes a Python script (
scripts/keepa_product_detail.py) to handle API requests, caching, and local data persistence. The script uses standard libraries and performs authorized network operations. - [DATA_EXFILTRATION]: The skill sends product identifiers (ASINs) to the vendor's API gateway at
https://tool-gateway.linkfox.com. This is the core functional purpose of the skill. It also reads theLINKFOX_AGENT_API_KEYfrom the environment for authentication. - [INDIRECT_PROMPT_INJECTION]: The skill ingests external Amazon product data which could theoretically contain malicious strings in fields like 'title' or 'brand'.
- Ingestion points: Data is received from the Keepa API endpoint in
scripts/keepa_product_detail.py. - Boundary markers: None explicitly defined in the display instructions for the agent.
- Capability inventory: The skill has the ability to write JSON files to the local workspace and perform network requests to the vendor gateway.
- Sanitization: The script parses the response as structured JSON and provides a summary for large payloads, reducing the risk of the agent executing raw text from the external source.
Audit Metadata