linkfox-youying-shopee-product-search
Warn
Audited by Snyk on May 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Runtime path: the skill calls the LinkFox tool API (
https://tool-gateway.linkfox.com/youying/shopee/getProductInfos) and ingests the returnedproducts[].title/description/...fields into the agent context; these fields are scraped/compiled from Shopee listings by a third party (outsider-authored free text), creating indirect prompt-injection risk.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata