intershop-icm-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown files and JSON metadata. It does not include any executable scripts (.py, .js, .sh), binaries, or automation code that could execute on a host system.
- [DATA_EXPOSURE] (SAFE): Analysis of the documentation reveals examples of hardcoded credentials (e.g., 'secretpassword') and sensitive patterns, but these are explicitly marked as 'Incorrect' or 'Bad' examples within an educational context. No actual functional credentials or sensitive system paths are exposed for malicious use.
- [PROMPT_INJECTION] (SAFE): The instructional content does not contain bypass markers, 'ignore previous instructions' commands, or role-play injections. The language is strictly professional and technical.
- [EXTERNAL_DOWNLOADS] (SAFE): External links within the documentation point to official Intershop domains (knowledge.intershop.com, support.intershop.com) and the official Intershop PWA GitHub repository, which are trusted sources for this domain.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns for remote script execution (e.g., curl|bash). All code snippets are provided as static text for reference purposes only.
Audit Metadata