linkfox-temu-promotion-us

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a comprehensive set of Python scripts in the scripts/ directory to perform specific Temu API tasks (e.g., us_promotion_activity_query.py), manage local authentication tokens, and provide authorization guides.
  • [EXTERNAL_DOWNLOADS]: Interacts with tool-gateway.linkfox.com and skill-api.linkfox.com to proxy API requests and handle feedback. These endpoints are owned by the vendor (linkfox-ai).
  • [SAFE]: Indirect Prompt Injection Surface.
  • Ingestion points: External data received from the Temu API via the LinkFox gateway is saved to the local workspace in _temu_common.py.
  • Boundary markers: None used; API responses are written as raw JSON files.
  • Capability inventory: The skill can write files to the project directory and perform network operations as defined in scripts/_temu_common.py.
  • Sanitization: The skill does not explicitly sanitize the content of the remote API responses before writing them to the file system.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:08 AM