skills/openaec-foundation/erpnext_anthropic_claude_development_skill_package/erpnext-api-patterns/Gen Agent Trust Hub
erpnext-api-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions designed to bypass agent safety filters or override system behavior were found.
- Data Exposure & Exfiltration (SAFE): Credentials shown in examples are explicitly marked as 'WRONG' (anti-patterns) or use obvious placeholders. No sensitive host paths are accessed.
- Unverifiable Dependencies & Remote Code Execution (SAFE): Code examples use standard libraries ('requests', 'flask'). No malicious remote execution patterns were detected.
- Indirect Prompt Injection (SAFE): The skill provides robust guidance on sanitizing and validating external data, specifically demonstrating how to prevent SQL injection. Ingestion points (e.g., in 'webhooks-reference.md') are handled using parameterized queries and strict input validation as documented in 'anti-patterns.md'.
- Metadata Poisoning (SAFE): Several files in the 'references/' directory contain GitHub 404 error messages. While this indicates broken documentation links, it does not pose a security risk and is likely a result of an automated collection error.
Audit Metadata