linkfox-youying-shopee-get-product-infos

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a zip file from 'https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip' to resolve authentication or credit issues. This endpoint is hosted on the vendor's domain.
  • [COMMAND_EXECUTION]: The skill executes a Python script 'scripts/youying_shopee_search.py' to perform network requests, manage a local cache, and write result data to the filesystem.
  • [DATA_EXFILTRATION]: Search parameters and user metadata are transmitted to 'tool-gateway.linkfox.com' and 'skill-api.linkfox.com', which are vendor-managed service endpoints.
  • [CREDENTIALS_UNSAFE]: The skill accesses the 'LINKFOX_AGENT_API_KEY' and 'LINKFOXAGENT_API_KEY' environment variables for API authentication.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of external Shopee marketplace content.
  • Ingestion points: Product titles, descriptions, and shop names are retrieved from the Shopee API via the 'scripts/youying_shopee_search.py' script.
  • Boundary markers: The instructions do not specify any delimiters or warnings for the agent to ignore instructions embedded within the retrieved product data.
  • Capability inventory: The skill can execute local Python scripts, perform network operations, and write files to the 'linkfox/' directory within the project.
  • Sanitization: There is no evidence of sanitization or filtering of external marketplace content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 08:09 AM