frappe-doctype-development
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill documents standard Frappe Framework patterns for DocType creation, lifecycle hooks, and controller logic. No malicious code or unauthorized system access patterns were detected.- [SAFE] (SAFE): Security documentation in 'references/permissions.md' actively promotes secure coding by highlighting the importance of permission checks in whitelisted methods and recommending permission-aware APIs over unrestricted database calls.- [SAFE] (SAFE): The implementation patterns for Virtual DocTypes provide legitimate examples for external data integration, including the use of proper credential handling (e.g., retrieving keys from configuration) and standard libraries like 'requests' and 'pymysql'.- [SAFE] (SAFE): No evidence of prompt injection, obfuscation, persistence mechanisms, or unauthorized privilege escalation was found across the analyzed files.
Audit Metadata