frappe-printing-templates
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure & Exfiltration (SAFE): The skill demonstrates reading document data and sending it via email using the `frappe` API. These are standard framework operations for the intended use case. The documentation correctly identifies when permissions are bypassed (e.g., `frappe.get_all`) and explicitly recommends using `frappe.get_list` for permission-aware access. Evidence: `references/jinja.md`.
- Indirect Prompt Injection (SAFE): The skill defines a surface for processing untrusted document data (e.g., `doc.customer`, `doc.terms`) into Jinja templates. It mitigates potential injection and XSS risks by detailing Frappe's auto-escaping mechanisms and providing specific guardrails for manual escaping (`|e`) while warning about the security implications of the `|safe` filter. Evidence: `SKILL.md`, `references/jinja.md`.
- Dynamic Execution (SAFE): Jinja templating is used as the primary, intended method for document rendering. The examples leverage whitelisted framework methods and follow established developer patterns for Frappe application development. Evidence: `references/jinja.md`.
Audit Metadata