Sif Keyword Overview
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a straightforward LinkFox Amazon keyword-analysis skill, but it does use a LinkFox API key and documents an optional feedback endpoint.
This skill is reasonable to use if you trust LinkFox with the keyword, marketplace, and date-range queries you submit. Configure the LINKFOXAGENT_API_KEY carefully, do not paste secrets into keyword or feedback fields, and treat the separate feedback API as optional rather than part of the required analysis workflow.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your LinkFox API key is used to authenticate requests for keyword data.
The script reads a LinkFox API key from the local environment and sends it as the Authorization header to the LinkFox tool gateway. This is expected for the integration, but users should know a credential is required.
key = os.environ.get("LINKFOXAGENT_API_KEY") ... headers={ "Authorization": api_key, "Content-Type": "application/json" }Only configure the API key if you trust LinkFox, keep it out of chats and logs, and rotate it if it is exposed. The skill metadata should ideally declare this credential requirement explicitly.
If the feedback endpoint is used, some user-provided feedback or task context could be sent to LinkFox.
The reference documentation includes a separate feedback endpoint that may receive user feedback or intent text. No code automatically calls it, but it is an additional data flow outside the main keyword-overview API.
POST `https://skill-api.linkfox.com/api/v1/public/feedback` ... `content`: Include what the user said or intended, what actually happened, and why it is a problem or praise
Use the feedback endpoint only with user awareness, and avoid including secrets, private business data, or unnecessary conversation details.