deco-server-functions-invoke
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill describes a standard architectural approach for modern web development.
- [COMMAND_EXECUTION]: Instructions include running a local generation script via
npx tsx. This is a standard build-time activity for the provided framework. - [EXTERNAL_DOWNLOADS]: The skill mentions the VTEX API domain as a target for commerce operations, which is a well-known and expected external service.
- [DATA_EXFILTRATION]: The architecture ensures that commerce credentials (appKey/appToken) are handled exclusively on the server, protecting them from exposure to the client.
Audit Metadata