erpnext-syntax-customapp
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured templates and instructions for Frappe app development using `pyproject.toml` and `setup.py`. All build-system requirements (e.g., `flit_core`) are standard for the platform.
- [SAFE]: Data migration documentation for patches (`patches.txt`) and fixtures (`hooks.py`) includes explicit security warnings against exporting sensitive user data, passwords, or transactional records.
- [SAFE]: The Python code examples for database migrations correctly utilize Frappe's database API (`frappe.db.set_value`, `frappe.get_all`) and demonstrate safe parameterized SQL queries (`frappe.db.sql` with `%s` placeholders) to prevent injection vulnerabilities.
- [SAFE]: All external references and dependencies (e.g., `requests`, `pandas`, `ruff`) are well-known, industry-standard libraries.
- [SAFE]: The inclusion of an anti-patterns guide (`references/anti-patterns.md`) actively discourages dangerous practices like missing error handling or processing large datasets without batching.