linkfox-shopee-store-video
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runto execute a local Python scriptcheck_auth_dependency.pyfor verifying the presence of required authentication modules. This is a controlled execution of internal skill code and does not pose a security risk. - [EXTERNAL_DOWNLOADS]: The skill documentation suggests downloading an onboarding skill from
agent-files.linkfox.comif necessary. This domain is owned by the skill vendor (linkfox-ai) and is used for legitimate distribution of related tools. - [CREDENTIALS_UNSAFE]: The skill accesses API keys through environment variables (
LINKFOX_AGENT_API_KEY,LINKFOXAGENT_API_KEY), which is the recommended secure practice for agent skills. No hardcoded credentials were found. - [DATA_EXFILTRATION]: Network communication is restricted to the vendor's official gateway (
tool-gateway.linkfox.com) and feedback API (skill-api.linkfox.com). The transmission of shop identifiers and access tokens to these endpoints is essential for the skill's primary function of managing Shopee store videos.
Audit Metadata