linkfox-temu-manage-product-global
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates interaction with the Temu Global Manage Product API by proxying requests through the vendor's gateway at
tool-gateway.linkfox.com. All network communication is directed to documented vendor infrastructure. - [SAFE]: Authentication is managed through environment variables (
LINKFOXAGENT_API_KEY) and a local storage file for Temu access tokens (~/.linkfox/temu-access-tokens.json). The storage of these secrets in the user's home directory is a standard practice for local CLI tools and is clearly documented within the skill. - [SAFE]: The skill includes scripts for manual token acquisition and verification, ensuring that users maintain control over their credentials. It provides step-by-step guides for obtaining tokens from official Temu seller portals.
- [SAFE]: API responses are saved locally to a
linkfox/directory within the workspace for auditability and to manage the agent's context window. This behavior is consistent with the skill's documented purpose. - [SAFE]: The Python scripts utilize only standard libraries (e.g.,
json,os,urllib), avoiding third-party dependency risks. No evidence of obfuscation, remote code execution, or unauthorized data access was found.
Audit Metadata