search-autocomplete
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides integration paths for major e-commerce platforms (Shopify, WooCommerce, BigCommerce) using official apps and native settings, which follow standard security models.
- [SAFE]: The custom React implementation includes proactive defense-in-depth measures by using
DOMPurifyto sanitize search results before rendering, which mitigates potential Cross-Site Scripting (XSS) risks from untrusted data ingestion. - [SAFE]: Network communication patterns in the provided JavaScript examples are limited to standard search endpoints and utilize
AbortControllerto handle request cancellation, ensuring performance without introducing data leakage vulnerabilities. - [SAFE]: Analysis of the skill instructions, metadata, and supporting evaluation files confirms the absence of prompt injection, hardcoded credentials, obfuscation, or unauthorized command execution.
Audit Metadata