medusa-development
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Includes instructions for project initialization and development using standard Medusa.js CLI tools, such as
npx create-medusa-appandnpx medusa develop. - [EXTERNAL_DOWNLOADS]: References official framework packages and utilities from the
@medusajsnamespace on NPM, which is a well-known and trusted service provider. - [DATA_EXFILTRATION]: Correctly demonstrates the use of environment variables for database connections, Redis URLs, and payment provider API keys, ensuring credentials are not hardcoded in the source code.
- [SAFE]: The skill follows framework-specific security best practices, including authentication context checks (
req.auth_context?.actor_id) and explicit advice to validate API inputs with Zod. No obfuscation or suspicious remote code execution patterns were found.
Audit Metadata