The Agent Skills Directory

[COMMAND_EXECUTION]: The skill includes a Python script scripts/keepa_product_search.py intended for execution. This script uses standard Python libraries to perform HTTP POST requests to the vendor's API gateway. It does not use unsafe functions like eval() or exec().- [DATA_EXFILTRATION]: The skill performs network requests to https://tool-gateway.linkfox.com and https://skill-api.linkfox.com. These are vendor-owned domains used for product data retrieval and feedback collection. Access to the API is managed via the LINKFOXAGENT_API_KEY environment variable, which is a standard security practice for avoiding hardcoded credentials.- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data from the Keepa API (e.g., product titles, descriptions, and category names).
Ingestion points: Data enters the agent context from the API response at https://tool-gateway.linkfox.com/keepa/productSearch.
Boundary markers: The instructions do not specify the use of delimiters (like XML tags or triple quotes) to encapsulate the API response.
Capability inventory: The skill provides a script scripts/keepa_product_search.py which is executed via a subprocess.
Sanitization: There is no mention of filtering or sanitizing the product titles or descriptions before they are presented to the agent.

linkfox-keepa-product-search