linkfox-shopee-store-ads

Fail

Audited by Snyk on Jul 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). One entry directs to a direct download of release.zip on agent-files.linkfox.com (an external file-hosting path used to distribute a skill), which is a higher-risk delivery vector for binaries/archives and should be treated as suspicious unless explicitly verified and user-authorized.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Yes—runtime calls POST /shopee/developerProxy and then emit_result() serializes the upstream developerProxy response (outsider-authored Shopee API content) and prints it to stdout (full JSON when ≤8KB or --inline), which can be ingested into the agent/LLM context.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill exposes Shopee Ads APIs that can create and edit ad campaigns (create_manual_product_ads, edit_manual_product_ads, create_gms_product_campaign) and includes budget-related operations (get_create_product_ad_budget_suggestion, create/edit product ads) as well as querying ad account balance (get_total_balance). These are explicit ad-spend controls (ability to create/edit campaigns/budgets and therefore cause spend), which qualifies as direct financial execution authority under the "managing ad spend budgets" rule.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 16, 2026, 08:09 AM
Issues
3