linkfox-shopee-store-returns

Fail

Audited by Snyk on Jul 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). One URL points to a direct downloadable ZIP on agent-files.linkfox.com (an external file-hosting endpoint used to distribute a skill), which is a file-distribution vector that can be used to deliver executables/ malware; the remaining links are official Shopee docs or service endpoints and look benign.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Runtime path: the skill calls Shopee via POST /shopee/developerProxy and then prints/summarizes the returned JSON (_shopee_returns_common.emit_result_lf_summarize / print(serialized)), so any free-text fields inside the outsider (Shopee) response can enter the agent’s LLM context.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is a Shopee Returns module that explicitly handles "退货/退款/争议" and exposes API scripts like confirm, offer, accept_offer, dispute and cancel_dispute which are part of the returns/refund resolution flow (i.e., actions that can trigger money/refund-related operations via Shopee's v2.returns endpoints). This is a specific, platform-level financial operation (refund/offer/accept) rather than a generic tool, so it constitutes direct financial execution within the Shopee ecosystem.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 16, 2026, 08:09 AM
Issues
3