deco-storefront-test-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes standard command-line utilities such as
ripgrep(rg) andlsto identify project components and structures within the localsrc/directory. These operations are restricted to the local filesystem and serve legitimate diagnostic purposes. - [SAFE]: No external network requests, data exfiltration patterns, or hardcoded credentials were detected. The skill focuses entirely on internal project discovery.
- [SAFE]: The shell commands provided (e.g.,
npm run dev,npm run build) are standard lifecycle scripts for web development projects and do not include any hidden or obfuscated flags. - [SAFE]: The skill does not attempt to modify system configurations, persist across sessions, or escalate privileges.
- [SAFE]: All referenced packages and naming conventions are consistent with the official documentation and infrastructure of the vendor 'decocms'.
Audit Metadata