linkfox-shopee-store-payment
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
_shopee_payment_common.pyexecutes a local helper script,check_auth_dependency.py, usingsubprocess.run. This is used to verify the availability of the required Shopee authentication skill. The execution uses a hardcoded path relative to the current script and is not influenced by external input. - [EXTERNAL_DOWNLOADS]: The skill's instructions suggest downloading an onboarding component from the vendor's official domain (
agent-files.linkfox.com) if the environment is not yet configured. This is a standard setup procedure for the vendor's suite of tools. - [DATA_EXFILTRATION]: The skill transmits API parameters and receives payment data via the vendor's proxy gateway at
tool-gateway.linkfox.com. This is the intended functional design for interfacing with the Shopee Open API while managing authentication through the vendor's infrastructure.
Audit Metadata