linkfox-shopee-store-shop
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The common library
_shopee_shop_common.pyusessubprocess.runto execute the scriptcheck_auth_dependency.py. This script verifies the installation of mandatory peer skills by searching common skill directories on the local file system. - [EXTERNAL_DOWNLOADS]: The
SKILL.mddocumentation includes instructions for users to download an onboarding skill fromhttps://agent-files.linkfox.com/skills/linkfox-onboarding/release.zipif certain errors are encountered. - [DATA_EXFILTRATION]: The skill transmits the
LINKFOX_AGENT_API_KEYand Shopee access tokens to the vendor's gateway attool-gateway.linkfox.com. This is necessary for the skill to interact with Shopee's Open API. - [PROMPT_INJECTION]: The skill ingests data from external Shopee API endpoints, creating a potential surface for indirect prompt injection. 1. Ingestion points: Data retrieved from APIs such as
get_profileandget_shop_notification. 2. Boundary markers: None present; the skill outputs raw or summarized API data directly. 3. Capability inventory: Includes local file writing (emit_result), network requests (call_api), and local script execution (subprocess.run). 4. Sanitization: No sanitization is performed on the Shopee API response content before it is processed or displayed.
Audit Metadata