building-storefronts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns, prompt injections, or exfiltration techniques were found in the skill or reference files.
- Indirect Prompt Injection (LOW): The skill provides templates for generating code that interacts with external APIs. While this creates a surface for data processing, the logic is constrained to standard UI/SDK patterns and lacks exploitable sinks.
- Dependencies (SAFE): The referenced Node.js packages (@medusajs/js-sdk and @tanstack/react-query) are standard, trusted libraries for the described use case.
- Data Integrity (SAFE): The skill includes specific rules for price formatting (storing as decimals rather than cents) and SDK serialization (preventing double-serialization), both of which are functional best practices for Medusa integration.
Audit Metadata