linkfox-shopee-store-discount
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Internal helper script execution. The utility script
_shopee_discount_common.pyusessubprocess.runto callcheck_auth_dependency.py. This is a benign operation used to verify that the mandatorylinkfox-shopee-store-authskill is installed in the environment. The call uses the current Python interpreter (sys.executable) and a file path resolved relative to the calling script's location. - [DATA_EXFILTRATION]: Functional API communication. The skill sends data to
tool-gateway.linkfox.comto perform Shopee API operations. This is the intended purpose of the skill and utilizes the vendor's own infrastructure. Sensitive authentication tokens are handled via environment variables and transmitted only to this tool gateway. - [EXTERNAL_DOWNLOADS]: Vendor resource references. The instructions in
SKILL.mdprovide a link to download an onboarding skill fromagent-files.linkfox.com. This is a trusted vendor domain used for distributing official support tools. - [PROMPT_INJECTION]: Indirect injection attack surface. The skill processes data from the Shopee API and saves it to local files for the agent to read.
- Ingestion points: Shopee API responses are fetched and stored in the
<cwd>/linkfox/directory. - Boundary markers: The documentation explicitly advises the agent to use
jqto extract specific fields rather than reading the entire JSON, which mitigates the risk of unexpected instruction obedience. - Capability inventory: The skill can execute local helper scripts and perform network operations to the tool gateway.
- Sanitization: API responses are saved in structured JSON format, and the recommended retrieval methods utilize field-level extraction.
Audit Metadata