linkfox-shopee-store-payment

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script _shopee_payment_common.py executes a local helper script, check_auth_dependency.py, using subprocess.run. This is used to verify the availability of the required Shopee authentication skill. The execution uses a hardcoded path relative to the current script and is not influenced by external input.
  • [EXTERNAL_DOWNLOADS]: The skill's instructions suggest downloading an onboarding component from the vendor's official domain (agent-files.linkfox.com) if the environment is not yet configured. This is a standard setup procedure for the vendor's suite of tools.
  • [DATA_EXFILTRATION]: The skill transmits API parameters and receives payment data via the vendor's proxy gateway at tool-gateway.linkfox.com. This is the intended functional design for interfacing with the Shopee Open API while managing authentication through the vendor's infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM