cn-ecommerce-search
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is configured to download the
@shopmeagent/cn-ecommerce-search-mcppackage from the NPM registry during setup usingnpx. This package is a vendor-owned resource associated with the skill author. - [REMOTE_CODE_EXECUTION]: The use of
npxfacilitates the download and immediate execution of the MCP server code. This is a standard and expected deployment method for this skill type. - [COMMAND_EXECUTION]: The agent executes the
npxcommand as part of the MCP server lifecycle to facilitate product searches. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection.
- Ingestion points: The skill retrieves product titles, descriptions, and user comments from external platforms (Taobao, Tmall, XHS) via the
search_productsandget_product_detailtools. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external product data as untrusted or to ignore embedded instructions.
- Capability inventory: The skill possesses the ability to execute the vendor's MCP server and communicate with
api.shopmeagent.com. - Sanitization: There is no evidence of content filtering or sanitization performed on the data fetched from e-commerce platforms before it is integrated into the agent's context.
Audit Metadata