permissions-expert
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security issues detected. The skill is entirely composed of educational documentation and code snippets for the Frappe framework. The content actively promotes security best practices, including:
- Prevention of SQL Injection: Multiple files explicitly warn against unescaped SQL conditions and provide the correct use of frappe.db.escape().
- Fail-Secure Principles: Documentation encourages defaulting to access denial (1=0 SQL conditions) when permissions are ambiguous.
- Least Privilege: Detailed guides on Permission Levels (0, 1, 2) allow for fine-grained field-level access control.
- Secure Data Handling: Guidance on website/portal permissions ensures external users (customers/suppliers) are correctly isolated from internal data.
Audit Metadata