linkfox-shopee-store-sbs
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure practices for credential management by retrieving the API key from environment variables (LINKFOX_AGENT_API_KEY) rather than using hardcoded secrets.
- [COMMAND_EXECUTION]: The script _shopee_sbs_common.py executes a subprocess call to run check_auth_dependency.py. This execution is limited to the skill's own local python interpreter and internal dependency checking logic, presenting no risk of arbitrary command injection.
- [EXTERNAL_DOWNLOADS]: The skill connects to vendor-controlled domains (tool-gateway.linkfox.com and skill-api.linkfox.com) for its primary operations. It also includes instructions for the agent to guide users to download supplementary onboarding materials from agent-files.linkfox.com when necessary.
- [DATA_EXFILTRATION]: Network requests are strictly limited to the vendor's API gateway for processing Shopee e-commerce data. No unauthorized data transmission or exfiltration patterns were detected.
Audit Metadata