cart-logic
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection or behavior override attempts were detected in the skill instructions or metadata. The content is strictly instructional and follows its stated purpose.
- [SAFE]: No sensitive data exposure or exfiltration patterns were found. Code snippets for the Shopify Storefront API use placeholder variables for sensitive tokens and domains, and they target well-known, trusted endpoints.
- [SAFE]: No obfuscation techniques, such as Base64-encoded commands, zero-width characters, or homoglyphs, were used in the skill files.
- [SAFE]: The skill does not include any external package installations or remote code execution patterns. It relies on standard platform APIs and native implementations.
- [SAFE]: No persistence mechanisms or privilege escalation attempts were detected. The skill focuses on application-level logic for shopping carts.
- [SAFE]: Evaluation tasks and criteria are focused on functional correctness, security best practices (e.g., XSS protection via httpOnly cookies), and data integrity (e.g., server-side price calculation).
Audit Metadata