The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified. The skill acts as a standard command-line interface wrapper for the Lingxing ERP OpenAPI.
[EXTERNAL_DOWNLOADS]: All network activity is directed to the official API endpoint https://openapi.lingxing.com. This is a well-known service for e-commerce sellers, and the connection is used strictly for its documented purpose of data retrieval.
[COMMAND_EXECUTION]: The skill utilizes a Python script (scripts/lingxing.py) to manage API requests and authentication. The script is professionally written, avoids dangerous functions like eval or os.system, and uses json.loads for safe data parsing.
[CREDENTIALS_UNSAFE]: The skill adheres to security best practices by not hardcoding sensitive credentials. Users are instructed to provide LINGXING_APP_ID and LINGXING_APP_SECRET through environment variables. Access tokens are cached locally in /tmp for session management, which is a standard and acceptable practice.
[REMOTE_CODE_EXECUTION]: Analysis of the Python dependencies (requests, pycryptodome) and the script logic confirmed that no remote code execution or unauthorized package installation occurs.

linkfox-lingxing-erp