oro-integration
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection or instruction override patterns were detected in the skill instructions or code snippets.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive tokens were found. The configuration examples in
references/message-queue-config.mdcorrectly demonstrate the use of environment variables for sensitive settings like database passwords and API keys. - [DATA_EXFILTRATION]: No suspicious network operations or data exfiltration patterns were identified. The network code examples provided for integration transports in
references/integration-patterns.mdare appropriate for the described development tasks. - [COMMAND_EXECUTION]: The skill mentions standard OroCommerce CLI commands (
php bin/console ...) for development, testing, and maintenance, which is expected and safe in this context. - [SAFE]: The skill describes an architecture for ingesting external data through imports and message queues. * Ingestion points:
ProcessDocumentProcessor(message body) andDocumentDataConverter(import data columns) inreferences/integration-patterns.md. * Boundary markers: No explicit prompt boundary markers are provided in the boilerplate code. * Capability inventory: The skill facilitates database entity operations and external API requests via custom transports. * Sanitization: The examples utilize standard JSON decoding for message processing.
Audit Metadata