deco-apps-vtex-review
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and checklists for auditing code quality and security in VTEX integrations, specifically focusing on session management and cookie propagation.
- [SAFE]: All external references are to vendor-specific packages (@decocms/apps-start) or well-known development tools (TypeScript, ripgrep).
- [SAFE]: Instructions promote secure coding practices, such as using HttpOnly cookies for authentication tokens and centralizing sensitive logic in utility files to avoid hardcoded strings.
- [SAFE]: Shell commands provided in the documentation are for static analysis (searching for patterns in code) and do not involve downloading or executing remote payloads.
Audit Metadata