linkfox-shopee-store-voucher

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs internal dependency checks by executing a bundled Python script using subprocess.run in scripts/_shopee_voucher_common.py. This operation is used to ensure the prerequisite authorization skill is available and does not involve shell injection or untrusted inputs.
  • [EXTERNAL_DOWNLOADS]: Documentation in SKILL.md refers to a vendor-hosted onboarding skill at https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip. This is a recommended download for configuration and is treated as a safe vendor resource.
  • [DATA_EXFILTRATION]: Network requests are made to https://tool-gateway.linkfox.com to facilitate Shopee API operations. These requests include the user's API key as required for authentication with the LinkFox proxy service. This behavior is transparently disclosed in the skill's documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM