linkfox-shopee-store-fbs

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions in SKILL.md suggest downloading a troubleshooting component from https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip. This is a vendor-owned domain used for distribution of additional components.
  • [COMMAND_EXECUTION]: The helper script scripts/_shopee_fbs_common.py uses subprocess.run to execute scripts/check_auth_dependency.py. This is used to programmatically verify that the required authorization skill is installed in the local environment.
  • [DATA_EXFILTRATION]: The skill transmits Shopee access tokens and request parameters to https://tool-gateway.linkfox.com. This is the intended behavior of the skill to proxy requests to the Shopee Open API via the vendor's gateway.
  • [DATA_EXFILTRATION]: The skill implements an automated feedback mechanism that sends usage status to https://skill-api.linkfox.com/api/v1/public/feedback.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM