frappe-standard-script-report-schema

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/save_report.py runs inside the Frappe framework to create or modify 'Report' documents. It passes ignore_permissions=True on its database calls (doc.insert and doc.save), which bypasses the application's internal access control checks for those records.
  • [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection (Category 8) because it processes structured data (JSON) that can influence application configuration and role-based access control.
  • Ingestion points: The save_report.py script ingests data from a JSON file path provided as a command-line argument.
  • Boundary markers: The skill lacks boundary markers or specific instructions to the agent to treat the contents of the JSON as untrusted or to ignore embedded instructions.
  • Capability inventory: The script performs database writes and triggers filesystem writes (creating .py and .js stubs) through the Frappe framework's standard report export logic.
  • Sanitization: Validation is limited to verifying that the doctype and report_type fields match the expected values.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 6, 2026, 08:41 PM