linkfox-shopee-store-returns
Fail
Audited by Snyk on Jul 16, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.80). One URL points to a direct downloadable ZIP on agent-files.linkfox.com (an external file-hosting endpoint used to distribute a skill), which is a file-distribution vector that can be used to deliver executables/ malware; the remaining links are official Shopee docs or service endpoints and look benign.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Runtime path: the skill calls Shopee via
POST /shopee/developerProxyand then prints/summarizes the returned JSON (_shopee_returns_common.emit_result→_lf_summarize/print(serialized)), so any free-text fields inside the outsider (Shopee) response can enter the agent’s LLM context.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is a Shopee Returns module that explicitly handles "退货/退款/争议" and exposes API scripts like confirm, offer, accept_offer, dispute and cancel_dispute which are part of the returns/refund resolution flow (i.e., actions that can trigger money/refund-related operations via Shopee's v2.returns endpoints). This is a specific, platform-level financial operation (refund/offer/accept) rather than a generic tool, so it constitutes direct financial execution within the Shopee ecosystem.
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata