Skills
skills/linkfox-ai/linkfox-skills/linkfox-mpstats-ozon-seller-products/Gen Agent Trust Hub

linkfox-mpstats-ozon-seller-products

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the processing of external marketplace data.
  • Ingestion points: Product attributes (such as titles and brand names) are fetched from the LinkFox tool gateway API as defined in references/api.md and processed by scripts/mpstats_ozon_seller_products.py.
  • Boundary markers: SKILL.md lacks explicit boundary markers or instructions to the agent to disregard potential commands embedded within the product data displayed in the summary table.
  • Capability inventory: The skill has network access capabilities via the provided Python script and interacts with the broader LinkFox agent ecosystem.
  • Sanitization: There is no logic present in the skill's scripts or instructions to sanitize or escape product data before it enters the agent's context.
  • [DATA_EXFILTRATION]: The skill performs network requests to the vendor's official infrastructure.
  • It connects to tool-gateway.linkfox.com to retrieve market statistics and skill-api.linkfox.com for operational feedback.
  • Credentials for these services are managed through the LINKFOXAGENT_API_KEY environment variable, which is consistent with secure development standards.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 08:40 AM