odoo-security
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a specialized security auditor for Odoo modules (versions 14-19). It provides a structured set of instructions and Python scripts to perform static analysis on source code, checking for common security misconfigurations such as missing IR model access rules, insecure HTTP routes, and privilege escalation via sudo().
- [COMMAND_EXECUTION]: The master script `security_auditor.py` uses the `subprocess.run` method to execute peer Python scripts (`access_checker.py`, `route_auditor.py`, `sudo_finder.py`) within the skill's own directory. The skill requires the `Bash` tool to orchestrate these executions, which is the intended functional design for this auditing toolset.
- [PROMPT_INJECTION]: The `SKILL.md` file defines the agent's role as a security expert and provides detailed guidance on auditing Odoo security layers. It does not contain instructions that attempt to bypass the underlying AI safety filters or override system-level constraints.
Audit Metadata