Skills
skills/decocms/deco-start/deco-site-patterns/Gen Agent Trust Hub

deco-site-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a documentation reference for the Deco framework architecture and storefront development patterns.
  • [EXTERNAL_DOWNLOADS]: The documentation references external resources from well-known technology providers and trusted organizations, including Google APIs, Hotjar, and RetailRocket for analytics and tracking scripts.
  • [REMOTE_CODE_EXECUTION]: Describes a server-side proxy pattern in proxy.ts used to fetch third-party scripts. The implementation includes an explicit allowlist to mitigate potential SSRF (Server-Side Request Forgery) risks.
  • [DATA_EXPOSURE]: Mentions caching non-sensitive user profile information in sessionStorage for performance, which is a standard practice in web application development.
  • [COMMAND_EXECUTION]: The deno.json file contains standard development tasks (start, dev, build) using the Deno runtime and vendor-specific entry points like https://deco.cx/run.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 11:21 PM