vendure-plugin-writing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security vulnerabilities were detected in this skill.
- [DATA_EXPOSURE] (SAFE): The skill correctly demonstrates using environment variables (
process.env.MY_API_KEY) for sensitive credentials rather than hardcoding them. Default values in examples use empty strings or placeholders. - [EXTERNAL_DOWNLOADS] (SAFE): The referenced Node.js packages (
@vendure/core,@nestjs/common,graphql-tag) are standard, well-known libraries within the Vendure and NestJS ecosystems. - [COMMAND_EXECUTION] (SAFE): No shell commands, privileged operations, or persistence mechanisms are included in the documentation or code examples.
Audit Metadata