linkfox-temu-price-eu
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill manages sensitive Temu access tokens by storing them in a local configuration file at
~/.linkfox/temu-access-tokens.json. These tokens, alongside a user-provided LinkFox API key (LINKFOXAGENT_API_KEY), are transmitted to the vendor's gateway attool-gateway.linkfox.comto authenticate and proxy API requests. This is standard functionality for the skill's purpose as an API proxy. - [COMMAND_EXECUTION]: The skill operates by executing Python scripts located in the
scripts/directory. These scripts perform network operations and local file management to handle API interactions and store responses for the agent's reference. - [PROMPT_INJECTION]: Indirect Prompt Injection Risk Evaluation:
- Ingestion points: Data enters the system via API responses from the LinkFox gateway, which are printed to stdout and saved to local JSON files in the
linkfox/directory. - Boundary markers: No explicit boundary markers or instruction-ignoring delimiters are used in the output strings.
- Capability inventory: The skill's scripts have the capability to perform network requests (
urllib.request) and write to the local filesystem. - Sanitization:
SKILL.mdinstructs the agent to use structured extraction tools likejqto parse the saved JSON responses rather than directly ingesting full response text into the context, which significantly reduces the risk of malicious instructions in API data influencing agent behavior. - [SAFE]: No malicious patterns such as code obfuscation, unauthorized credential harvesting, or remote code execution from untrusted sources were detected. The skill's behavior is consistent with its documented purpose and vendor context.
Audit Metadata