linkfox-shopee-store-merchant

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run within _shopee_merchant_common.py to execute a local dependency checker script (check_auth_dependency.py). This execution is restricted to the skill's own directory using the current Python interpreter and does not utilize a shell, making it a safe operation for environment validation.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions and URLs for downloading a legitimate onboarding component from the vendor's official domain (agent-files.linkfox.com). This is part of the standard installation and setup process for the LinkFox ecosystem.
  • [DATA_EXFILTRATION]: While the skill transmits Shopee access tokens and merchant IDs to tool-gateway.linkfox.com, this is the primary intended function of the skill (proxying API requests for the user). The communication is authenticated using vendor-provided API keys and occurs over HTTPS.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM