woocommerce-rest-api
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses environment variables (WOOCOMMERCE_CONSUMER_KEY, WOOCOMMERCE_CONSUMER_SECRET) for authentication, following industry standards for protecting sensitive API credentials.
- [SAFE]: All network operations are performed through the official @woocommerce/woocommerce-rest-api Node.js package, which is the trusted standard for this integration.
- [SAFE]: The inclusion of concurrency control via p-limit demonstrates a responsible design that prevents potential resource exhaustion on the target WordPress server during bulk data operations.
- [SAFE]: The skill implements standard e-commerce functionality (managing products, orders, and customers) through the versioned WooCommerce REST API (wc/v3) without any suspicious or unauthorized behavior.
- [SAFE]: While the skill processes data from an external API, creating a theoretical surface for indirect prompt injection, this is inherent to its primary function as an integration tool and is handled according to standard development practices.
Audit Metadata