Skills
skills/commercengine/skills/ce-auth/Gen Agent Trust Hub

ce-auth

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected in the provided skill files.
  • [EXTERNAL_DOWNLOADS]: The skill references and fetches documentation from official vendor-controlled domains including commercengine.io and llm-docs.commercengine.io, as well as the vendor's GitHub repository.
  • [PROMPT_INJECTION]: The skill documents interfaces that ingest untrusted user data (email addresses and profile details), creating a potential surface for indirect prompt injection.
  • Ingestion points: Parameters for loginWithEmail, loginWithPassword, and updateUserDetails in SKILL.md.
  • Boundary markers: No explicit boundary markers or delimiters are defined in the documentation for these inputs.
  • Capability inventory: The skill declares permission to use the Bash tool.
  • Sanitization: No specific sanitization or validation routines are detailed in the provided code snippets.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 10:31 AM