tiktok-top-selling
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements secure credential management by using environment variables (NEXSCOPE_API_KEY, NEXSCOPE_PROXY_BASE) rather than hardcoding sensitive information.
- [SAFE]: All network operations are confined to the vendor's official API proxy endpoint (/api/v1/tools/linkfox/fastmoss/productRankTopSelling) to retrieve product rankings.
- [SAFE]: No instances of prompt injection, code obfuscation, or unauthorized data exfiltration were identified during the analysis.
- [SAFE]: The Python script (scripts/tiktok_top_selling.py) is well-defined and uses standard libraries for networking without introducing external or untrusted dependencies.
- [SAFE]: The skill possesses a data ingestion surface (API responses), but since its functionality is limited to information retrieval and display without dangerous downstream capabilities (like file writes or command execution), the risk of indirect prompt injection is negligible.
Audit Metadata