linkfox-youying-shopee-get-product-infos
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a zip file from 'https://agent-files.linkfox.com/skills/linkfox-onboarding/release.zip' to resolve authentication or credit issues. This endpoint is hosted on the vendor's domain.
- [COMMAND_EXECUTION]: The skill executes a Python script 'scripts/youying_shopee_search.py' to perform network requests, manage a local cache, and write result data to the filesystem.
- [DATA_EXFILTRATION]: Search parameters and user metadata are transmitted to 'tool-gateway.linkfox.com' and 'skill-api.linkfox.com', which are vendor-managed service endpoints.
- [CREDENTIALS_UNSAFE]: The skill accesses the 'LINKFOX_AGENT_API_KEY' and 'LINKFOXAGENT_API_KEY' environment variables for API authentication.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of external Shopee marketplace content.
- Ingestion points: Product titles, descriptions, and shop names are retrieved from the Shopee API via the 'scripts/youying_shopee_search.py' script.
- Boundary markers: The instructions do not specify any delimiters or warnings for the agent to ignore instructions embedded within the retrieved product data.
- Capability inventory: The skill can execute local Python scripts, perform network operations, and write files to the 'linkfox/' directory within the project.
- Sanitization: There is no evidence of sanitization or filtering of external marketplace content before it is processed by the agent.
Audit Metadata