linkfox-temu-price-us

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFEDATA_EXFILTRATIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits business data and Temu access tokens to the vendor's API gateway at tool-gateway.linkfox.com. This is the primary intended function of the skill to facilitate proxying requests to Temu's platform.
  • [CREDENTIALS_UNSAFE]: The skill provides mechanisms to store and retrieve Temu access tokens in a local configuration file at ~/.linkfox/temu-access-tokens.json. While this stores credentials on the local filesystem, it is the standard and documented method for managing authentication within this vendor's ecosystem of tools.
  • [EXTERNAL_DOWNLOADS]: Skill instructions may prompt the agent to download an auxiliary onboarding skill from the vendor's domain (agent-files.linkfox.com) if it is not already present. As this originates from a trusted vendor source, it does not pose a security risk in this context.
  • [PROMPT_INJECTION]: The skill processes and displays data returned from external Temu APIs. While this constitutes a potential surface for indirect prompt injection, the skill's architecture includes output summarization for large payloads, which helps mitigate the risk of context poisoning from untrusted external data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM