linkfox-shopee-store-push

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run within _shopee_push_common.py to execute a local helper script, check_auth_dependency.py. This operation is used solely for internal integrity checks to verify that required prerequisite skills are installed.
  • [EXTERNAL_DOWNLOADS]: The skill references several official vendor domains (linkfox.com and shopee.com) for API connectivity, technical documentation, and onboarding resources. It instructs the agent to download an onboarding skill from agent-files.linkfox.com only after obtaining user authorization.
  • [DATA_EXFILTRATION]: Functional network activity: the skill transmits API parameters and authorization tokens to the vendor's proxy gateway (tool-gateway.linkfox.com) to facilitate interaction with the Shopee Open Platform. This is the intended primary purpose of the skill.
  • [SAFE]: API responses are saved to the local working directory (<cwd>/linkfox/) in a structured format. This data management strategy allows the agent to process large responses using tools like jq without overloading the context window.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM