linkfox-shopee-store-account-health

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script _shopee_account_health_common.py uses subprocess.run to execute check_auth_dependency.py. This is a local operation used to verify if the prerequisite linkfox-shopee-store-auth skill is installed.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md file provides instructions to download an onboarding skill from agent-files.linkfox.com, which is a vendor-owned resource.
  • [DATA_EXFILTRATION]: Authentication tokens and shop identifiers are transmitted to the vendor-controlled gateway tool-gateway.linkfox.com. This is required for the tool's core functionality to proxy requests to Shopee APIs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from the Shopee API.
  • Ingestion points: API response data processed in scripts/_account_health_api_runner.py and displayed via _lf_summarize.
  • Boundary markers: None identified. Content from external responses is printed or saved without delimiters or warnings to ignore embedded instructions.
  • Capability inventory: The skill has network access via urllib.request.urlopen and command execution capabilities via subprocess.run in scripts/_shopee_account_health_common.py.
  • Sanitization: There is no evidence of string sanitization or filtering to prevent malicious instructions within API data from influencing the agent's behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM