linkfox-shopee-store-account-health
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
_shopee_account_health_common.pyusessubprocess.runto executecheck_auth_dependency.py. This is a local operation used to verify if the prerequisitelinkfox-shopee-store-authskill is installed. - [EXTERNAL_DOWNLOADS]: The
SKILL.mdfile provides instructions to download an onboarding skill fromagent-files.linkfox.com, which is a vendor-owned resource. - [DATA_EXFILTRATION]: Authentication tokens and shop identifiers are transmitted to the vendor-controlled gateway
tool-gateway.linkfox.com. This is required for the tool's core functionality to proxy requests to Shopee APIs. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from the Shopee API.
- Ingestion points: API response data processed in
scripts/_account_health_api_runner.pyand displayed via_lf_summarize. - Boundary markers: None identified. Content from external responses is printed or saved without delimiters or warnings to ignore embedded instructions.
- Capability inventory: The skill has network access via
urllib.request.urlopenand command execution capabilities viasubprocess.runinscripts/_shopee_account_health_common.py. - Sanitization: There is no evidence of string sanitization or filtering to prevent malicious instructions within API data from influencing the agent's behavior.
Audit Metadata