linkfox-shopee-store-discount

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Internal helper script execution. The utility script _shopee_discount_common.py uses subprocess.run to call check_auth_dependency.py. This is a benign operation used to verify that the mandatory linkfox-shopee-store-auth skill is installed in the environment. The call uses the current Python interpreter (sys.executable) and a file path resolved relative to the calling script's location.
  • [DATA_EXFILTRATION]: Functional API communication. The skill sends data to tool-gateway.linkfox.com to perform Shopee API operations. This is the intended purpose of the skill and utilizes the vendor's own infrastructure. Sensitive authentication tokens are handled via environment variables and transmitted only to this tool gateway.
  • [EXTERNAL_DOWNLOADS]: Vendor resource references. The instructions in SKILL.md provide a link to download an onboarding skill from agent-files.linkfox.com. This is a trusted vendor domain used for distributing official support tools.
  • [PROMPT_INJECTION]: Indirect injection attack surface. The skill processes data from the Shopee API and saves it to local files for the agent to read.
  • Ingestion points: Shopee API responses are fetched and stored in the <cwd>/linkfox/ directory.
  • Boundary markers: The documentation explicitly advises the agent to use jq to extract specific fields rather than reading the entire JSON, which mitigates the risk of unexpected instruction obedience.
  • Capability inventory: The skill can execute local helper scripts and perform network operations to the tool gateway.
  • Sanitization: API responses are saved in structured JSON format, and the recommended retrieval methods utilize field-level extraction.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM