linkfox-temu-manage-product-global

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates interaction with the Temu Global Manage Product API by proxying requests through the vendor's gateway at tool-gateway.linkfox.com. All network communication is directed to documented vendor infrastructure.
  • [SAFE]: Authentication is managed through environment variables (LINKFOXAGENT_API_KEY) and a local storage file for Temu access tokens (~/.linkfox/temu-access-tokens.json). The storage of these secrets in the user's home directory is a standard practice for local CLI tools and is clearly documented within the skill.
  • [SAFE]: The skill includes scripts for manual token acquisition and verification, ensuring that users maintain control over their credentials. It provides step-by-step guides for obtaining tokens from official Temu seller portals.
  • [SAFE]: API responses are saved locally to a linkfox/ directory within the workspace for auditability and to manage the agent's context window. This behavior is consistent with the skill's documented purpose.
  • [SAFE]: The Python scripts utilize only standard libraries (e.g., json, os, urllib), avoiding third-party dependency risks. No evidence of obfuscation, remote code execution, or unauthorized data access was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM