linkfox-shopee-store-merchant
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runwithin_shopee_merchant_common.pyto execute a local dependency checker script (check_auth_dependency.py). This execution is restricted to the skill's own directory using the current Python interpreter and does not utilize a shell, making it a safe operation for environment validation. - [EXTERNAL_DOWNLOADS]: The skill provides instructions and URLs for downloading a legitimate onboarding component from the vendor's official domain (
agent-files.linkfox.com). This is part of the standard installation and setup process for the LinkFox ecosystem. - [DATA_EXFILTRATION]: While the skill transmits Shopee access tokens and merchant IDs to
tool-gateway.linkfox.com, this is the primary intended function of the skill (proxying API requests for the user). The communication is authenticated using vendor-provided API keys and occurs over HTTPS.
Audit Metadata